CVE-2013-0329

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2013-0329
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://rhn.redhat.com/errata/RHSA-2013-0638.html
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/02/21/7
https://bugzilla.redhat.com/show_bug.cgi?id=914877
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*

Configuration 2 (hide)

cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
History

13 Feb 2023, 04:41

Type Values Removed Values Added
References
  • {'url': 'https://access.redhat.com/security/cve/CVE-2013-0329', 'name': 'https://access.redhat.com/security/cve/CVE-2013-0329', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2013:0638', 'name': 'https://access.redhat.com/errata/RHSA-2013:0638', 'tags': [], 'refsource': 'MISC'}
Summary CVE-2013-0329 jenkins: cross-site request forgery (CSRF) protection mechanism bypass Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors.

02 Feb 2023, 16:15

Type Values Removed Values Added
References
  • (MISC) https://access.redhat.com/security/cve/CVE-2013-0329 -
  • (MISC) https://access.redhat.com/errata/RHSA-2013:0638 -
Summary Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors. CVE-2013-0329 jenkins: cross-site request forgery (CSRF) protection mechanism bypass
Information

Published : 2013-03-19 14:55

Updated : 2023-12-10 11:16

NVD link : CVE-2013-0329

Mitre link : CVE-2013-0329

CVE.ORG link : CVE-2013-0329

JSON object : View

Products Affected

jenkins

  • jenkins
CWE
NVD-CWE-noinfo