Skip to main content

Self Organizing Swarm Modules

3 CVEs product

Monthly

CVE-2020-2192 Maven MEDIUM PATCH This Month

A cross-site request forgery vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier allows attackers to add or remove agent labels. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Self Organizing Swarm Modules
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-2191 Maven MEDIUM PATCH This Month

Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Jenkins Self Organizing Swarm Modules
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2019-10309 Maven CRITICAL Act Now

Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XXE Jenkins Self Organizing Swarm Modules
NVD
CVSS 3.0
9.3
EPSS
1.8%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A cross-site request forgery vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier allows attackers to add or remove agent labels. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Self Organizing Swarm Modules
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Jenkins Self Organizing Swarm Modules
NVD
EPSS 2% CVSS 9.3
CRITICAL Act Now

Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XXE Jenkins Self Organizing Swarm Modules
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy