CVE-2013-0158

Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.
References
Link Resource
http://rhn.redhat.com/errata/RHSA-2013-0220.html
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/01/07/4
https://bugzilla.redhat.com/show_bug.cgi?id=892795
https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04
https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5
https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602
https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd
https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0220.html
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/01/07/4
https://bugzilla.redhat.com/show_bug.cgi?id=892795
https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04
https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5
https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602
https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd
https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cloudbees:jenkins:*:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.400:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.401:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.402:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.403:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.404:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.405:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.406:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.407:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.408:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.409:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.410:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.411:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.412:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.413:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.414:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.415:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.416:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.417:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.418:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.419:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.420:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.421:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.422:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.423:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.424:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.425:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.426:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.427:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.428:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.429:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.430:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.431:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.432:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.433:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.434:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.435:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.436:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.437:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:cloudbees:jenkins:1.466.1.2:-:enterprise:*:*:*:*:*
cpe:2.3:a:cloudbees:jenkins:1.466.2.1:-:enterprise:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:cloudbees:jenkins:1.400:-:lts:*:*:*:*:*
cpe:2.3:a:cloudbees:jenkins:1.424:-:lts:*:*:*:*:*
cpe:2.3:a:cloudbees:jenkins:1.447:-:lts:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.409.1:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.409.2:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.409.3:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.424.1:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.424.2:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.424.3:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.424.4:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.424.5:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.424.6:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.447.1:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.447.2:*:*:*:*:*:*:*
cpe:2.3:a:jenkins:jenkins:1.466.1:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:cloudbees:jenkins:1.447.1.1:-:enterprise:*:*:*:*:*
cpe:2.3:a:cloudbees:jenkins:1.447.2.2:-:enterprise:*:*:*:*:*
cpe:2.3:a:cloudbees:jenkins:1.447.3.1:-:enterprise:*:*:*:*:*

History

21 Nov 2024, 01:46

Type Values Removed Values Added
References () http://rhn.redhat.com/errata/RHSA-2013-0220.html - () http://rhn.redhat.com/errata/RHSA-2013-0220.html -
References () http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb - Vendor Advisory () http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb - Vendor Advisory
References () http://www.openwall.com/lists/oss-security/2013/01/07/4 - () http://www.openwall.com/lists/oss-security/2013/01/07/4 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=892795 - () https://bugzilla.redhat.com/show_bug.cgi?id=892795 -
References () https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04 - () https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04 -
References () https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5 - () https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5 -
References () https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602 - () https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602 -
References () https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd - () https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd -
References () https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2 - () https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2 -
References () https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 - Vendor Advisory () https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 - Vendor Advisory

Information

Published : 2013-02-24 22:55

Updated : 2024-11-21 01:46


NVD link : CVE-2013-0158

Mitre link : CVE-2013-0158

CVE.ORG link : CVE-2013-0158


JSON object : View

Products Affected

jenkins

  • jenkins

cloudbees

  • jenkins