CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-10389

A missing permission check in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.1%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.0

References

http://www.openwall.com/lists/oss-security/2019/08/07/1
https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1053
http://www.openwall.com/lists/oss-security/2019/08/07/1
https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1053

Products affected by CVE-2019-10389

Jenkins » Relution Enterprise Appstore Publisher » Version: N/A

cpe:2.3:a:jenkins:relution_enterprise_appstore_publisher:-
Jenkins » Relution Enterprise Appstore Publisher » Version: 1.0

cpe:2.3:a:jenkins:relution_enterprise_appstore_publisher:1.0
Jenkins » Relution Enterprise Appstore Publisher » Version: 1.24

cpe:2.3:a:jenkins:relution_enterprise_appstore_publisher:1.24

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10389

Products

Pricing

Contact Us