CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000414

A cross-site request forgery vulnerability exists in Jenkins Config File Provider Plugin 3.1 and earlier in ConfigFilesManagement.java, FolderConfigFileAction.java that allows creating and editing configuration file definitions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.5%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 5.8

References

Products affected by CVE-2018-1000414

Jenkins » Config File Provider » Version: 1.0

cpe:2.3:a:jenkins:config_file_provider:1.0
Jenkins » Config File Provider » Version: 1.1

cpe:2.3:a:jenkins:config_file_provider:1.1
Jenkins » Config File Provider » Version: 1.2

cpe:2.3:a:jenkins:config_file_provider:1.2
Jenkins » Config File Provider » Version: 1.4

cpe:2.3:a:jenkins:config_file_provider:1.4
Jenkins » Config File Provider » Version: 1.5

cpe:2.3:a:jenkins:config_file_provider:1.5
Jenkins » Config File Provider » Version: 1.6

cpe:2.3:a:jenkins:config_file_provider:1.6
Jenkins » Config File Provider » Version: 1.6.1

cpe:2.3:a:jenkins:config_file_provider:1.6.1
Jenkins » Config File Provider » Version: 1.9.1

cpe:2.3:a:jenkins:config_file_provider:1.9.1
Jenkins » Config File Provider » Version: 2.0

cpe:2.3:a:jenkins:config_file_provider:2.0
Jenkins » Config File Provider » Version: 2.1

cpe:2.3:a:jenkins:config_file_provider:2.1
Jenkins » Config File Provider » Version: 2.1.1

cpe:2.3:a:jenkins:config_file_provider:2.1.1
Jenkins » Config File Provider » Version: 2.10.0

cpe:2.3:a:jenkins:config_file_provider:2.10.0
Jenkins » Config File Provider » Version: 2.10.1

cpe:2.3:a:jenkins:config_file_provider:2.10.1
Jenkins » Config File Provider » Version: 2.11

cpe:2.3:a:jenkins:config_file_provider:2.11
Jenkins » Config File Provider » Version: 2.12

cpe:2.3:a:jenkins:config_file_provider:2.12
Jenkins » Config File Provider » Version: 2.13

cpe:2.3:a:jenkins:config_file_provider:2.13
Jenkins » Config File Provider » Version: 2.14

cpe:2.3:a:jenkins:config_file_provider:2.14
Jenkins » Config File Provider » Version: 2.14.1

cpe:2.3:a:jenkins:config_file_provider:2.14.1
Jenkins » Config File Provider » Version: 2.14.2

cpe:2.3:a:jenkins:config_file_provider:2.14.2
Jenkins » Config File Provider » Version: 2.15

cpe:2.3:a:jenkins:config_file_provider:2.15
Jenkins » Config File Provider » Version: 2.15.1

cpe:2.3:a:jenkins:config_file_provider:2.15.1
Jenkins » Config File Provider » Version: 2.15.2

cpe:2.3:a:jenkins:config_file_provider:2.15.2
Jenkins » Config File Provider » Version: 2.15.3

cpe:2.3:a:jenkins:config_file_provider:2.15.3
Jenkins » Config File Provider » Version: 2.15.4

cpe:2.3:a:jenkins:config_file_provider:2.15.4
Jenkins » Config File Provider » Version: 2.15.5

cpe:2.3:a:jenkins:config_file_provider:2.15.5
Jenkins » Config File Provider » Version: 2.15.6

cpe:2.3:a:jenkins:config_file_provider:2.15.6
Jenkins » Config File Provider » Version: 2.15.7

cpe:2.3:a:jenkins:config_file_provider:2.15.7
Jenkins » Config File Provider » Version: 2.16.0

cpe:2.3:a:jenkins:config_file_provider:2.16.0
Jenkins » Config File Provider » Version: 2.16.1

cpe:2.3:a:jenkins:config_file_provider:2.16.1
Jenkins » Config File Provider » Version: 2.16.2

cpe:2.3:a:jenkins:config_file_provider:2.16.2
Jenkins » Config File Provider » Version: 2.16.3

cpe:2.3:a:jenkins:config_file_provider:2.16.3
Jenkins » Config File Provider » Version: 2.16.4

cpe:2.3:a:jenkins:config_file_provider:2.16.4
Jenkins » Config File Provider » Version: 2.17

cpe:2.3:a:jenkins:config_file_provider:2.17
Jenkins » Config File Provider » Version: 2.18

cpe:2.3:a:jenkins:config_file_provider:2.18
Jenkins » Config File Provider » Version: 2.2.1

cpe:2.3:a:jenkins:config_file_provider:2.2.1
Jenkins » Config File Provider » Version: 2.3

cpe:2.3:a:jenkins:config_file_provider:2.3
Jenkins » Config File Provider » Version: 2.4

cpe:2.3:a:jenkins:config_file_provider:2.4
Jenkins » Config File Provider » Version: 2.5

cpe:2.3:a:jenkins:config_file_provider:2.5
Jenkins » Config File Provider » Version: 2.5.1

cpe:2.3:a:jenkins:config_file_provider:2.5.1
Jenkins » Config File Provider » Version: 2.6

cpe:2.3:a:jenkins:config_file_provider:2.6
Jenkins » Config File Provider » Version: 2.6.1

cpe:2.3:a:jenkins:config_file_provider:2.6.1
Jenkins » Config File Provider » Version: 2.6.2

cpe:2.3:a:jenkins:config_file_provider:2.6.2
Jenkins » Config File Provider » Version: 2.7

cpe:2.3:a:jenkins:config_file_provider:2.7
Jenkins » Config File Provider » Version: 2.7.1

cpe:2.3:a:jenkins:config_file_provider:2.7.1
Jenkins » Config File Provider » Version: 2.7.2

cpe:2.3:a:jenkins:config_file_provider:2.7.2
Jenkins » Config File Provider » Version: 2.7.3

cpe:2.3:a:jenkins:config_file_provider:2.7.3
Jenkins » Config File Provider » Version: 2.7.4

cpe:2.3:a:jenkins:config_file_provider:2.7.4
Jenkins » Config File Provider » Version: 2.7.5

cpe:2.3:a:jenkins:config_file_provider:2.7.5
Jenkins » Config File Provider » Version: 2.8.1

cpe:2.3:a:jenkins:config_file_provider:2.8.1
Jenkins » Config File Provider » Version: 2.9.1

cpe:2.3:a:jenkins:config_file_provider:2.9.1
Jenkins » Config File Provider » Version: 2.9.2

cpe:2.3:a:jenkins:config_file_provider:2.9.2
Jenkins » Config File Provider » Version: 2.9.3

cpe:2.3:a:jenkins:config_file_provider:2.9.3
Jenkins » Config File Provider » Version: 3.0

cpe:2.3:a:jenkins:config_file_provider:3.0
Jenkins » Config File Provider » Version: 3.1

cpe:2.3:a:jenkins:config_file_provider:3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000414

Products

Pricing

Contact Us