Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-10340

A cross-site request forgery vulnerability in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.1%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
Products affected by CVE-2019-10340
  • Jenkins » Docker » Version: 0.1
    cpe:2.3:a:jenkins:docker:0.1
  • Jenkins » Docker » Version: 0.10.0
    cpe:2.3:a:jenkins:docker:0.10.0
  • Jenkins » Docker » Version: 0.10.1
    cpe:2.3:a:jenkins:docker:0.10.1
  • Jenkins » Docker » Version: 0.10.2
    cpe:2.3:a:jenkins:docker:0.10.2
  • Jenkins » Docker » Version: 0.11.0
    cpe:2.3:a:jenkins:docker:0.11.0
  • Jenkins » Docker » Version: 0.12.0
    cpe:2.3:a:jenkins:docker:0.12.0
  • Jenkins » Docker » Version: 0.12.1
    cpe:2.3:a:jenkins:docker:0.12.1
  • Jenkins » Docker » Version: 0.13.0
    cpe:2.3:a:jenkins:docker:0.13.0
  • Jenkins » Docker » Version: 0.14.0
    cpe:2.3:a:jenkins:docker:0.14.0
  • Jenkins » Docker » Version: 0.15.0
    cpe:2.3:a:jenkins:docker:0.15.0
  • Jenkins » Docker » Version: 0.16.0
    cpe:2.3:a:jenkins:docker:0.16.0
  • Jenkins » Docker » Version: 0.16.1
    cpe:2.3:a:jenkins:docker:0.16.1
  • Jenkins » Docker » Version: 0.16.2
    cpe:2.3:a:jenkins:docker:0.16.2
  • Jenkins » Docker » Version: 0.17
    cpe:2.3:a:jenkins:docker:0.17
  • Jenkins » Docker » Version: 0.18
    cpe:2.3:a:jenkins:docker:0.18
  • Jenkins » Docker » Version: 0.3.1
    cpe:2.3:a:jenkins:docker:0.3.1
  • Jenkins » Docker » Version: 0.3.2
    cpe:2.3:a:jenkins:docker:0.3.2
  • Jenkins » Docker » Version: 0.3.3
    cpe:2.3:a:jenkins:docker:0.3.3
  • Jenkins » Docker » Version: 0.3.4
    cpe:2.3:a:jenkins:docker:0.3.4
  • Jenkins » Docker » Version: 0.3.5
    cpe:2.3:a:jenkins:docker:0.3.5
  • Jenkins » Docker » Version: 0.4
    cpe:2.3:a:jenkins:docker:0.4
  • Jenkins » Docker » Version: 0.5
    cpe:2.3:a:jenkins:docker:0.5
  • Jenkins » Docker » Version: 0.6
    cpe:2.3:a:jenkins:docker:0.6
  • Jenkins » Docker » Version: 0.6.1
    cpe:2.3:a:jenkins:docker:0.6.1
  • Jenkins » Docker » Version: 0.6.2
    cpe:2.3:a:jenkins:docker:0.6.2
  • Jenkins » Docker » Version: 0.7
    cpe:2.3:a:jenkins:docker:0.7
  • Jenkins » Docker » Version: 0.8
    cpe:2.3:a:jenkins:docker:0.8
  • Jenkins » Docker » Version: 0.9.0
    cpe:2.3:a:jenkins:docker:0.9.0
  • Jenkins » Docker » Version: 0.9.1
    cpe:2.3:a:jenkins:docker:0.9.1
  • Jenkins » Docker » Version: 0.9.2
    cpe:2.3:a:jenkins:docker:0.9.2
  • Jenkins » Docker » Version: 0.9.3
    cpe:2.3:a:jenkins:docker:0.9.3
  • Jenkins » Docker » Version: 0.9.4
    cpe:2.3:a:jenkins:docker:0.9.4
  • Jenkins » Docker » Version: 1.0.0
    cpe:2.3:a:jenkins:docker:1.0.0
  • Jenkins » Docker » Version: 1.0.1
    cpe:2.3:a:jenkins:docker:1.0.1
  • Jenkins » Docker » Version: 1.0.2
    cpe:2.3:a:jenkins:docker:1.0.2
  • Jenkins » Docker » Version: 1.0.3
    cpe:2.3:a:jenkins:docker:1.0.3
  • Jenkins » Docker » Version: 1.0.4
    cpe:2.3:a:jenkins:docker:1.0.4
  • Jenkins » Docker » Version: 1.1
    cpe:2.3:a:jenkins:docker:1.1
  • Jenkins » Docker » Version: 1.1.1
    cpe:2.3:a:jenkins:docker:1.1.1
  • Jenkins » Docker » Version: 1.1.2
    cpe:2.3:a:jenkins:docker:1.1.2
  • Jenkins » Docker » Version: 1.1.3
    cpe:2.3:a:jenkins:docker:1.1.3
  • Jenkins » Docker » Version: 1.1.4
    cpe:2.3:a:jenkins:docker:1.1.4
  • Jenkins » Docker » Version: 1.1.5
    cpe:2.3:a:jenkins:docker:1.1.5
  • Jenkins » Docker » Version: 1.1.6
    cpe:2.3:a:jenkins:docker:1.1.6


Products
Pricing
Contact Us

Shodan ® - All rights reserved