CVE-2013-2034

Multiple cross-site request forgery (CSRF) vulnerabilities in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary code or (2) initiate deployment of binaries to a Maven repository via unspecified vectors.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cloudbees:jenkins:*:*:*:*:*:*:*:*
cpe:2.3:a:cloudbees:jenkins:1.466:*:*:*:enterprise:*:*:*
cpe:2.3:a:cloudbees:jenkins:1.480:*:*:*:enterprise:*:*:*
cpe:2.3:a:cloudbees:jenkins:1.509:*:*:*:lts:*:*:*

Information

Published : 2014-05-14 12:55

Updated : 2023-02-12 20:42


NVD link : CVE-2013-2034

Mitre link : CVE-2013-2034


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

cloudbees

  • jenkins