Skip to main content

Chaos Monkey

2 CVEs product

Monthly

CVE-2020-2323 Maven MEDIUM PATCH This Month

Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Chaos Monkey
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-2322 Maven HIGH PATCH This Week

Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Chaos Monkey
NVD
CVSS 3.1
7.5
EPSS
1.3%
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Chaos Monkey
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Chaos Monkey
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy