Vulnerabilities > CVE-2018-1000192

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
jenkins
oracle
nessus

Summary

A information exposure vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in AboutJenkins.java, ListPluginsCommand.java that allows users with Overall/Read access to enumerate all installed plugins.

Vulnerable Configurations

Part Description Count
Application
Jenkins
1761
Application
Oracle
1

Nessus

NASL familyCGI abuses
NASL idJENKINS_2_121.NASL
descriptionThe remote web server hosts a version of Jenkins that is prior to 2.121, or a version of Jenkins LTS prior to 2.107.3. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists in the AboutJenkins.java & ListPluginsCommand.java classes of Jenkins. An unauthenticated, remote attacker can exploit this to disclose installed plugins on the remote server (CVE-2018-1000192). - A directory traversal vulnerability exists in the FilePath.java & SoloFilePathFilter.java classes of Jenkins. An unauthenticated, remote attacker can exploit this, by sending a URI that contains directory traversal characters, to disclose the contents of files located outside of the server
last seen2020-06-01
modified2020-06-02
plugin id125734
published2019-06-05
reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/125734
titleJenkins < 2.121 / < 2.107.3 (LTS) Multiple Vulnerabilities