CVE-2015-5317

HIGH KEV

Jenkins <1.638-1.625.2 - Info Disclosure

Title source: llm

Description

The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.

References (4)

Scores

CVSS v3 7.5
EPSS 0.3970
EPSS Percentile 97.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CISA KEV 2023-05-12
VulnCheck KEV 2023-05-12
InTheWild.io 2023-05-12
ENISA EUVD EUVD-2015-5288
CWE
CWE-200
Status published
Products (5)
jenkins/jenkins < 1.625.1
jenkins/jenkins < 1.637
org.jenkins-ci.main/jenkins-core 0 - 1.625.2Maven
redhat/openshift 2.0
redhat/openshift < 3.1
Published Nov 25, 2015
KEV Added May 12, 2023
Tracked Since Feb 18, 2026