Vulnerabilities > CVE-2018-1000192
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
A information exposure vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in AboutJenkins.java, ListPluginsCommand.java that allows users with Overall/Read access to enumerate all installed plugins.
Vulnerable Configurations
Nessus
| NASL family | CGI abuses |
| NASL id | JENKINS_2_121.NASL |
| description | The remote web server hosts a version of Jenkins that is prior to 2.121, or a version of Jenkins LTS prior to 2.107.3. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists in the AboutJenkins.java & ListPluginsCommand.java classes of Jenkins. An unauthenticated, remote attacker can exploit this to disclose installed plugins on the remote server (CVE-2018-1000192). - A directory traversal vulnerability exists in the FilePath.java & SoloFilePathFilter.java classes of Jenkins. An unauthenticated, remote attacker can exploit this, by sending a URI that contains directory traversal characters, to disclose the contents of files located outside of the server |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 125734 |
| published | 2019-06-05 |
| reporter | This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/125734 |
| title | Jenkins < 2.121 / < 2.107.3 (LTS) Multiple Vulnerabilities |