CVE-2014-3679

The Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to obtain sensitive information by accessing unspecified pages.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
VendorProductVersion
jenkins-cimonitoring_plugin
𝑥
≤ 1.52.1
jenkins-cimonitoring_plugin
1.40.0
jenkins-cimonitoring_plugin
1.41.0
jenkins-cimonitoring_plugin
1.42.0
jenkins-cimonitoring_plugin
1.43.0
jenkins-cimonitoring_plugin
1.44.0
jenkins-cimonitoring_plugin
1.45.0
jenkins-cimonitoring_plugin
1.46.0
jenkins-cimonitoring_plugin
1.47.0
jenkins-cimonitoring_plugin
1.48.0
jenkins-cimonitoring_plugin
1.49.0
jenkins-cimonitoring_plugin
1.50.0
jenkins-cimonitoring_plugin
1.51.0
jenkins-cimonitoring_plugin
1.52.0
𝑥
= Vulnerable software versions
References
https://wiki.jenkins-ci.org/display/JENKINS/Monitoring
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
https://wiki.jenkins-ci.org/display/JENKINS/Monitoring
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01