CSRF-атака в Jenkins and LTS
| Дата публикации: | 13.01.2022 |
| Всего просмотров: | 449 |
| Опасность: | Низкая |
| Наличие исправления: | Да |
| Количество уязвимостей: | 1 |
| CVSSv3.1 рейтинг: | 6.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C] |
| CVE ID: | CVE-2022-20612 |
| Вектор эксплуатации: | Удаленная |
| Воздействие: |
Межсайтовый скриптинг Обход ограничений безопасности |
| CWE ID: | Нет данных |
| Наличие эксплоита: | Нет данных |
| Уязвимые продукты: |
jenkins (Red Hat package)
jenkins-2-plugins (Red Hat package) jenkins-statsd Jenkins LTS Jenkins CI Jenkins 1.x |
| Уязвимые версии: | Jenkins версии 2.329, 2.328, 2.327, 2.326, 2.325, 2.324, 2.319.1, 2.323, 2.322, 2.321, 2.320, 2.319, 2.303.3, 2.318, 2.317, 2.316, 2.303.2, 2.315, 2.314, 2.313, 2.312, 2.311, 2.310, 2.309, 2.303.1, 2.308, 2.307, 2.306, 2.305, 2.289.3, 2.304, 2.303, 2.302, 2.301, 2.289.2, 2.300, 2.299, 2.298, 2.297, 2.289.1, 2.296, 2.295, 2.294, 2.293, 2.292, 2.277.4, 2.291, 2.290, 2.277.3, 2.289, 2.288, 2.277.2, 2.287, 2.285, 2.286, 2.284, 2.277.1, 2.283, 2.282, 2.281, 2.280, 2.263.4, 2.279, 2.278, 2.277, 2.263.3, 2.276, 2.275, 2.274, 2.273, 2.272, 2.263.2, 2.271, 2.270, 2.263.1, 2.269, 2.268, 2.267, 2.266, 2.249.3, 2.265, 2.264, 2.263, 2.262, 2.261, 2.249.2, 2.260, 2.259, 2.258, 2.257, 2.249.1, 2.256, 2.255, 2.254, 2.253, 2.235.5, 2.235.4, 2.252, 2.251, 2.250, 2.235.3, 2.249, 2.248, 2.235.2, 2.246, 2.247, 2.245, 2.244, 2.243, 2.242, 2.241, 2.235.1, 2.240, 2.239, 2.222.4, 2.237, 2.238, 2.236, 2.235, 2.234, 2.222.3, 2.233, 2.232, 2.231, 2.230, 2.229, 2.204.6, 2.222.1, 2.228, 2.227, 2.226, 2.225, 2.224, 2.204.5, 2.204.4, 2.223, 2.204.3, 2.222, 2.221, 2.220, 2.204.2, 2.219, 2.218, 2.217, 2.216, 2.215, 2.214, 2.213, 2.212, 2.211, 2.210, 2.204.1, 2.209, 2.208, 2.207, 2.206, 2.190.3, 2.205, 2.204, 2.203, 2.190.2, 2.202, 2.201, 2.200, 2.199, 2.198, 2.176.4, 2.190.1, 2.197, 2.196, 2.195, 2.194, 2.193, 2.176.3, 2.190, 2.191, 2.192, 2.189, 2.187, 2.186, 2.185, 2.184, 2.183, 2.182, 2.181, 2.180, 2.179, 2.178, 2.177, 2.176.2, 2.176.1, 2.176, 2.175, 2.174, 2.173, 2.172, 2.171, 2.170, 2.169, 2.168, 2.167, 2.166, 2.165, 2.164.3, 2.164.2, 2.164.1, 2.164, 2.163, 2.162, 2.161, 2.159, 2.150.3, 2.150.2, 2.138.3, 2.138.2, 2.138.1, 2.107.3, 2.107.2, 2.107.1, 2.92, 2.91, 2.90, 2.89.4, 2.89.3, 2.89.2, 2.89.1, 2.89, 2.88, 2.87, 2.86, 2.85, 2.84, 2.83, 2.82, 2.81, 2.80, 2.79, 2.78, 2.77, 2.76, 2.75, 2.74, 2.73.3, 2.73.2, 2.73.1, 2.73, 2.72, 2.71, 2.70, 2.69, 2.68, 2.67, 2.66, 2.65, 2.64, 2.63, 2.62, 2.61, 2.60.3, 2.60.2, 2.60.1, 2.60, 2.59, 2.58, 2.57, 2.46.3, 2.46.2, 2.46.1, 2.40, 2.32.3, 2.32.2, 2.32.1, 2.19.4, 2.19.1, 2.16, 2.15, 2.14, 2.13, 2.12, 2.11, 2.10, 2.7.4, 2.7.3, 2.7.2, 2.7.1, 2.5, 2.0, 2.158, 2.157, 2.156, 2.155, 2.150.1, 2.138.4, 2.154, 2.153, 2.152, 2.151, 2.149, 2.148, 2.147, 2.146, 2.145, 2.144, 2.143, 2.142, 2.141, 2.139, 2.121.3, 2.138, 2.137, 2.136, 2.135, 2.121.2, 2.121.1, 2.134, 2.133, 2.132, 2.131, 2.129, 2.128, 2.127, 2.126, 2.125, 2.124, 2.123, 2.122, 2.121, 2.119, 2.118, 2.117, 2.116, 2.115, 2.114, 2.113, 2.112, 2.111, 2.109, 2.108, 2.107, 2.93, 2.94, 2.95, 2.96, 2.97, 2.98, 2.99, 2.105, 2.104, 2.103, 2.102, 2.101, 2.106, 2.56, 2.55, 2.54, 2.53, 2.52, 2.51, 2.49, 2.48, 2.47, 2.46, 2.45, 2.44, 2.43, 2.42, 2.41, 2.39, 2.38, 2.37, 2.36, 2.35, 2.34, 2.33, 2.19.3, 2.19.2 Jenkins LTS версии 2.319.1, 2.303.3, 2.303.2, 2.303.1, 2.289.3, 2.289.2, 2.289.1, 2.277.4, 2.277.3, 2.277.2, 2.277.1, 2.263.4, 2.263.3, 2.263.2, 2.263.1, 2.249.3, 2.249.2, 2.249.1, 2.235.5, 2.235.4, 2.235.3, 2.235.2, 2.235.1, 2.222.4, 2.222.3, 2.222.2, 2.222.1, 2.204.6, 2.204.5, 2.204.4, 2.204.3, 2.204.2, 2.204.1, 2.190.3, 2.190.2, 2.190.1, 2.176.4, 2.176.3, 2.19.4, 2.19.3, 2.19.2, 2.19.1, 2.7.4, 2.7.3, 2.7.2, 2.7.1, 1.651.3, 1.651.2, 1.651.1, 1.642.4, 1.642.3, 1.642.2, 1.642.1, 1.625.3, 1.625.2, 1.625.1, 1.609.3, 1.609.2, 1.609.1, 1.596.3, 1.596.2, 1.596.1, 1.580.3, 1.580.2, 1.580.1, 1.565.3, 1.565.2, 1.565.1, 1.554.3, 1.554.2, 1.554.1, 1.532.3, 1.532.2, 1.532.1, 1.509.4, 1.509.3, 1.509.2, 1.509.1, 1.480.3, 1.480.2, 1.480.1, 1.466.2, 1.466.1, 1.447.2, 1.447.1, 1.424.6, 1.424.5, 1.424.4, 1.424.3, 1.424.2, 1.424.1, 1.409.3, 1.409.2, 1.409.1, 2.176.2, 2.176.1, 2.164.3, 2.164.2, 2.164.1, 2.150.3, 2.150.2, 2.150.1, 2.138.4, 2.138.3, 2.138.2, 2.138.1, 2.121.3, 2.121.2, 2.121.1, 2.107.3, 2.107.2, 2.107.1, 2.89.4, 2.89.3, 2.89.2, 2.89.1, 2.73.3, 2.73.2, 2.73.1, 2.60.3, 2.60.2, 2.60.1, 2.46.3, 2.46.2, 2.46.1, 2.32.3, 2.32.2, 2.32.1 |
| Описание: | CSRF-атака в Jenkins and LTS |
| Решение: | Установите исправление с сайта производителя. |
| Ссылки: | https://jenkins.io/security/advisory/2022-01-12/ |