CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Jenkins >> 2.159 Security Vulnerabilities

CVE-2019-1003004

An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.

CVSS Score

7.2

EPSS Score

0.021

Published

2019-01-22

Page 11

Vulnerabilities

Vulnerable Software

Jenkins: >> Jenkins >> 2.159 Security Vulnerabilities

Products

Pricing

Contact Us