CVE-2012-6073
Jenkins: open redirect
Severity Score
5.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Open redirect vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Vulnerabilidad de redirección abierta en Jenkins en versiones anteriores a 1.491, Jenkins LTS en versiones anteriores a 1.480.1 y Jenkins Enterprise 1.424.x en versiones anteriores a 1.424.6.13, 1.447.x en versiones anteriores a 1.447.4.1 y 1.466.x en versiones anteriores a 1.466.10.1 permite a atacantes remotos redirigir a los usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing a través de vectores no especificados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-12-06 CVE Reserved
- 2013-02-01 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2012/12/28/1 | Mailing List |
|
| https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-0220.html | 2018-10-30 | |
| http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb | 2018-10-30 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=890608 | 2013-01-31 | |
| https://access.redhat.com/security/cve/CVE-2012-6073 | 2013-01-31 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.447.1.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.447.1.1" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.447.2.2 Search vendor "Cloudbees" for product "Jenkins" and version "1.447.2.2" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.447.3.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.447.3.1" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.400 Search vendor "Cloudbees" for product "Jenkins" and version "1.400" | lts |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.424 Search vendor "Cloudbees" for product "Jenkins" and version "1.424" | lts |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.447 Search vendor "Cloudbees" for product "Jenkins" and version "1.447" | lts |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | <= 1.466.2 Search vendor "Jenkins" for product "Jenkins" and version " <= 1.466.2" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.409.1 Search vendor "Jenkins" for product "Jenkins" and version "1.409.1" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.409.2 Search vendor "Jenkins" for product "Jenkins" and version "1.409.2" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.409.3 Search vendor "Jenkins" for product "Jenkins" and version "1.409.3" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.1 Search vendor "Jenkins" for product "Jenkins" and version "1.424.1" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.2 Search vendor "Jenkins" for product "Jenkins" and version "1.424.2" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.3 Search vendor "Jenkins" for product "Jenkins" and version "1.424.3" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.4 Search vendor "Jenkins" for product "Jenkins" and version "1.424.4" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.5 Search vendor "Jenkins" for product "Jenkins" and version "1.424.5" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.6 Search vendor "Jenkins" for product "Jenkins" and version "1.424.6" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.447.1 Search vendor "Jenkins" for product "Jenkins" and version "1.447.1" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.447.2 Search vendor "Jenkins" for product "Jenkins" and version "1.447.2" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.466.1 Search vendor "Jenkins" for product "Jenkins" and version "1.466.1" | - |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.424.0.2 Search vendor "Cloudbees" for product "Jenkins" and version "1.424.0.2" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.424.0.4 Search vendor "Cloudbees" for product "Jenkins" and version "1.424.0.4" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.424.1.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.424.1.1" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.424.2.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.424.2.1" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.424.4.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.424.4.1" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.424.5.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.424.5.1" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.424.6.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.424.6.1" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.424.6.11 Search vendor "Cloudbees" for product "Jenkins" and version "1.424.6.11" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | <= 1.480.3.1 Search vendor "Cloudbees" for product "Jenkins" and version " <= 1.480.3.1" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.400 Search vendor "Jenkins" for product "Jenkins" and version "1.400" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.401 Search vendor "Jenkins" for product "Jenkins" and version "1.401" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.402 Search vendor "Jenkins" for product "Jenkins" and version "1.402" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.403 Search vendor "Jenkins" for product "Jenkins" and version "1.403" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.404 Search vendor "Jenkins" for product "Jenkins" and version "1.404" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.405 Search vendor "Jenkins" for product "Jenkins" and version "1.405" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.406 Search vendor "Jenkins" for product "Jenkins" and version "1.406" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.407 Search vendor "Jenkins" for product "Jenkins" and version "1.407" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.408 Search vendor "Jenkins" for product "Jenkins" and version "1.408" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.409 Search vendor "Jenkins" for product "Jenkins" and version "1.409" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.410 Search vendor "Jenkins" for product "Jenkins" and version "1.410" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.411 Search vendor "Jenkins" for product "Jenkins" and version "1.411" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.412 Search vendor "Jenkins" for product "Jenkins" and version "1.412" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.413 Search vendor "Jenkins" for product "Jenkins" and version "1.413" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.414 Search vendor "Jenkins" for product "Jenkins" and version "1.414" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.415 Search vendor "Jenkins" for product "Jenkins" and version "1.415" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.416 Search vendor "Jenkins" for product "Jenkins" and version "1.416" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.417 Search vendor "Jenkins" for product "Jenkins" and version "1.417" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.418 Search vendor "Jenkins" for product "Jenkins" and version "1.418" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.419 Search vendor "Jenkins" for product "Jenkins" and version "1.419" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.420 Search vendor "Jenkins" for product "Jenkins" and version "1.420" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.421 Search vendor "Jenkins" for product "Jenkins" and version "1.421" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.422 Search vendor "Jenkins" for product "Jenkins" and version "1.422" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.423 Search vendor "Jenkins" for product "Jenkins" and version "1.423" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424 Search vendor "Jenkins" for product "Jenkins" and version "1.424" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.425 Search vendor "Jenkins" for product "Jenkins" and version "1.425" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.426 Search vendor "Jenkins" for product "Jenkins" and version "1.426" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.427 Search vendor "Jenkins" for product "Jenkins" and version "1.427" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.428 Search vendor "Jenkins" for product "Jenkins" and version "1.428" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.429 Search vendor "Jenkins" for product "Jenkins" and version "1.429" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.430 Search vendor "Jenkins" for product "Jenkins" and version "1.430" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.431 Search vendor "Jenkins" for product "Jenkins" and version "1.431" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.432 Search vendor "Jenkins" for product "Jenkins" and version "1.432" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.433 Search vendor "Jenkins" for product "Jenkins" and version "1.433" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.434 Search vendor "Jenkins" for product "Jenkins" and version "1.434" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.435 Search vendor "Jenkins" for product "Jenkins" and version "1.435" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.436 Search vendor "Jenkins" for product "Jenkins" and version "1.436" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.437 Search vendor "Jenkins" for product "Jenkins" and version "1.437" | - |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.466.1.2 Search vendor "Cloudbees" for product "Jenkins" and version "1.466.1.2" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.466.2.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.466.2.1" | enterprise |
Affected
| ||||||