CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16561

Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows users with Overall/Read access to disable SSL/TLS certificate and hostname validation for the entire Jenkins master JVM.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.5%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 5.5

References

Products affected by CVE-2019-16561

Jenkins » Websphere Deployer » Version: N/A

cpe:2.3:a:jenkins:websphere_deployer:-
Jenkins » Websphere Deployer » Version: 1.1

cpe:2.3:a:jenkins:websphere_deployer:1.1
Jenkins » Websphere Deployer » Version: 1.2

cpe:2.3:a:jenkins:websphere_deployer:1.2
Jenkins » Websphere Deployer » Version: 1.3.4

cpe:2.3:a:jenkins:websphere_deployer:1.3.4
Jenkins » Websphere Deployer » Version: 1.4.3

cpe:2.3:a:jenkins:websphere_deployer:1.4.3
Jenkins » Websphere Deployer » Version: 1.5.1

cpe:2.3:a:jenkins:websphere_deployer:1.5.1
Jenkins » Websphere Deployer » Version: 1.5.2

cpe:2.3:a:jenkins:websphere_deployer:1.5.2
Jenkins » Websphere Deployer » Version: 1.5.3

cpe:2.3:a:jenkins:websphere_deployer:1.5.3
Jenkins » Websphere Deployer » Version: 1.5.5

cpe:2.3:a:jenkins:websphere_deployer:1.5.5
Jenkins » Websphere Deployer » Version: 1.5.6

cpe:2.3:a:jenkins:websphere_deployer:1.5.6
Jenkins » Websphere Deployer » Version: 1.6.0

cpe:2.3:a:jenkins:websphere_deployer:1.6.0
Jenkins » Websphere Deployer » Version: 1.6.1

cpe:2.3:a:jenkins:websphere_deployer:1.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16561

Products

Pricing

Contact Us