Vulnerability Details CVE-2021-21671
Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.041
EPSS Ranking 88.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.1
References
Products affected by CVE-2021-21671
-
cpe:2.3:a:jenkins:jenkins:2.270
-
cpe:2.3:a:jenkins:jenkins:2.274
-
cpe:2.3:a:jenkins:jenkins:2.276
-
cpe:2.3:a:jenkins:jenkins:2.277.1
-
cpe:2.3:a:jenkins:jenkins:2.277.2
-
cpe:2.3:a:jenkins:jenkins:2.277.3
-
cpe:2.3:a:jenkins:jenkins:2.277.4
-
cpe:2.3:a:jenkins:jenkins:2.289.1
-
cpe:2.3:a:jenkins:jenkins:2.299