Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain privileges and run scripts by using an API token of another user.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2015-11-25T20:00:00
Updated: 2016-06-09T16:57:01
Reserved: 2015-07-01T00:00:00
Link: CVE-2015-5323
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-11-25T20:59:14.730
Modified: 2019-12-17T17:41:03.340
Link: CVE-2015-5323
JSON object: View
Redhat Information
No data.
CWE