CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-34146

Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.7%

CVSS Severity

CVSS v3 Score 6.5

References

http://www.openwall.com/lists/oss-security/2024/05/02/3
https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342
http://www.openwall.com/lists/oss-security/2024/05/02/3
https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342

Products affected by CVE-2024-34146

Jenkins » Git Server » Version: 99.va_0826a_b_cdfa_d

cpe:2.3:a:jenkins:git_server:99.va_0826a_b_cdfa_d

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-34146

Products

Pricing

Contact Us