CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1003028

A server-side request forgery vulnerability exists in Jenkins JMS Messaging Plugin 1.1.1 and earlier in SSLCertificateAuthenticationMethod.java, UsernameAuthenticationMethod.java that allows attackers with Overall/Read permission to have Jenkins connect to a JMS endpoint.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.9%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.0

References

Products affected by CVE-2019-1003028

Jenkins » Jms Messaging » Version: 1.0.0

cpe:2.3:a:jenkins:jms_messaging:1.0.0
Jenkins » Jms Messaging » Version: 1.0.1

cpe:2.3:a:jenkins:jms_messaging:1.0.1
Jenkins » Jms Messaging » Version: 1.0.10

cpe:2.3:a:jenkins:jms_messaging:1.0.10
Jenkins » Jms Messaging » Version: 1.0.11

cpe:2.3:a:jenkins:jms_messaging:1.0.11
Jenkins » Jms Messaging » Version: 1.0.12

cpe:2.3:a:jenkins:jms_messaging:1.0.12
Jenkins » Jms Messaging » Version: 1.0.13

cpe:2.3:a:jenkins:jms_messaging:1.0.13
Jenkins » Jms Messaging » Version: 1.0.14

cpe:2.3:a:jenkins:jms_messaging:1.0.14
Jenkins » Jms Messaging » Version: 1.0.15

cpe:2.3:a:jenkins:jms_messaging:1.0.15
Jenkins » Jms Messaging » Version: 1.0.16

cpe:2.3:a:jenkins:jms_messaging:1.0.16
Jenkins » Jms Messaging » Version: 1.0.17

cpe:2.3:a:jenkins:jms_messaging:1.0.17
Jenkins » Jms Messaging » Version: 1.0.18

cpe:2.3:a:jenkins:jms_messaging:1.0.18
Jenkins » Jms Messaging » Version: 1.0.19

cpe:2.3:a:jenkins:jms_messaging:1.0.19
Jenkins » Jms Messaging » Version: 1.0.2

cpe:2.3:a:jenkins:jms_messaging:1.0.2
Jenkins » Jms Messaging » Version: 1.0.20

cpe:2.3:a:jenkins:jms_messaging:1.0.20
Jenkins » Jms Messaging » Version: 1.0.21

cpe:2.3:a:jenkins:jms_messaging:1.0.21
Jenkins » Jms Messaging » Version: 1.0.22

cpe:2.3:a:jenkins:jms_messaging:1.0.22
Jenkins » Jms Messaging » Version: 1.0.23

cpe:2.3:a:jenkins:jms_messaging:1.0.23
Jenkins » Jms Messaging » Version: 1.0.24

cpe:2.3:a:jenkins:jms_messaging:1.0.24
Jenkins » Jms Messaging » Version: 1.0.25

cpe:2.3:a:jenkins:jms_messaging:1.0.25
Jenkins » Jms Messaging » Version: 1.0.26

cpe:2.3:a:jenkins:jms_messaging:1.0.26
Jenkins » Jms Messaging » Version: 1.0.27

cpe:2.3:a:jenkins:jms_messaging:1.0.27
Jenkins » Jms Messaging » Version: 1.0.28

cpe:2.3:a:jenkins:jms_messaging:1.0.28
Jenkins » Jms Messaging » Version: 1.0.29

cpe:2.3:a:jenkins:jms_messaging:1.0.29
Jenkins » Jms Messaging » Version: 1.0.3

cpe:2.3:a:jenkins:jms_messaging:1.0.3
Jenkins » Jms Messaging » Version: 1.0.30

cpe:2.3:a:jenkins:jms_messaging:1.0.30
Jenkins » Jms Messaging » Version: 1.0.31

cpe:2.3:a:jenkins:jms_messaging:1.0.31
Jenkins » Jms Messaging » Version: 1.0.32

cpe:2.3:a:jenkins:jms_messaging:1.0.32
Jenkins » Jms Messaging » Version: 1.0.33

cpe:2.3:a:jenkins:jms_messaging:1.0.33
Jenkins » Jms Messaging » Version: 1.0.34

cpe:2.3:a:jenkins:jms_messaging:1.0.34
Jenkins » Jms Messaging » Version: 1.0.35

cpe:2.3:a:jenkins:jms_messaging:1.0.35
Jenkins » Jms Messaging » Version: 1.0.36

cpe:2.3:a:jenkins:jms_messaging:1.0.36
Jenkins » Jms Messaging » Version: 1.0.37

cpe:2.3:a:jenkins:jms_messaging:1.0.37
Jenkins » Jms Messaging » Version: 1.0.38

cpe:2.3:a:jenkins:jms_messaging:1.0.38
Jenkins » Jms Messaging » Version: 1.0.39

cpe:2.3:a:jenkins:jms_messaging:1.0.39
Jenkins » Jms Messaging » Version: 1.0.4

cpe:2.3:a:jenkins:jms_messaging:1.0.4
Jenkins » Jms Messaging » Version: 1.0.40

cpe:2.3:a:jenkins:jms_messaging:1.0.40
Jenkins » Jms Messaging » Version: 1.0.5

cpe:2.3:a:jenkins:jms_messaging:1.0.5
Jenkins » Jms Messaging » Version: 1.0.6

cpe:2.3:a:jenkins:jms_messaging:1.0.6
Jenkins » Jms Messaging » Version: 1.0.7

cpe:2.3:a:jenkins:jms_messaging:1.0.7
Jenkins » Jms Messaging » Version: 1.0.8

cpe:2.3:a:jenkins:jms_messaging:1.0.8
Jenkins » Jms Messaging » Version: 1.0.9

cpe:2.3:a:jenkins:jms_messaging:1.0.9
Jenkins » Jms Messaging » Version: 1.1.0

cpe:2.3:a:jenkins:jms_messaging:1.1.0
Jenkins » Jms Messaging » Version: 1.1.1

cpe:2.3:a:jenkins:jms_messaging:1.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1003028

Products

Pricing

Contact Us