Skip to main content
CVE-2015-5317 HIGH KEV PATCH THREAT Act Now

The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 27.4%.

Information Disclosure Jenkins
NVD VulDB
CVSS 3.1
7.5
EPSS
27.4%
CVE-2015-7287 HIGH POC This Week

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Gprs Cs2300 R Firmware
NVD
CVSS 2.0
7.5
EPSS
5.7%
CVE-2015-5325 HIGH PATCH This Week

Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass intended slave-to-master access restrictions by leveraging a JNLP slave. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Jenkins Authentication Bypass Openshift
NVD
CVSS 2.0
7.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy