CVE-2013-0158
jenkins: remote unauthenticated retrieval of master cryptographic key (Jenkins Security Advisory 2013-01-04)
Severity Score
2.6
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.
Vulnerabilidad no especificada en Jenkins en versiones anteriores a 1.498, Jenkins LTS en versiones anteriores a 1.480.2 y Jenkins Enterprise 1.447.x en versiones anteriores a 1.447.6.1 y 1.466.x en versiones anteriores a 1.466.12.1, cuando se conecta un esclavo y el acceso de lectura anónima está habilitado, permite a atacantes remotos obtener la clave de cifrado maestra a través de vectores desconocidos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-12-06 CVE Reserved
- 2013-02-01 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/01/07/4 | Mailing List |
|
| https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04 | X_refsource_confirm | |
| https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5 | X_refsource_confirm | |
| https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602 | X_refsource_confirm | |
| https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd | X_refsource_confirm | |
| https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | <= 1.480.3.1 Search vendor "Cloudbees" for product "Jenkins" and version " <= 1.480.3.1" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.400 Search vendor "Jenkins" for product "Jenkins" and version "1.400" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.401 Search vendor "Jenkins" for product "Jenkins" and version "1.401" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.402 Search vendor "Jenkins" for product "Jenkins" and version "1.402" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.403 Search vendor "Jenkins" for product "Jenkins" and version "1.403" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.404 Search vendor "Jenkins" for product "Jenkins" and version "1.404" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.405 Search vendor "Jenkins" for product "Jenkins" and version "1.405" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.406 Search vendor "Jenkins" for product "Jenkins" and version "1.406" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.407 Search vendor "Jenkins" for product "Jenkins" and version "1.407" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.408 Search vendor "Jenkins" for product "Jenkins" and version "1.408" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.409 Search vendor "Jenkins" for product "Jenkins" and version "1.409" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.410 Search vendor "Jenkins" for product "Jenkins" and version "1.410" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.411 Search vendor "Jenkins" for product "Jenkins" and version "1.411" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.412 Search vendor "Jenkins" for product "Jenkins" and version "1.412" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.413 Search vendor "Jenkins" for product "Jenkins" and version "1.413" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.414 Search vendor "Jenkins" for product "Jenkins" and version "1.414" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.415 Search vendor "Jenkins" for product "Jenkins" and version "1.415" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.416 Search vendor "Jenkins" for product "Jenkins" and version "1.416" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.417 Search vendor "Jenkins" for product "Jenkins" and version "1.417" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.418 Search vendor "Jenkins" for product "Jenkins" and version "1.418" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.419 Search vendor "Jenkins" for product "Jenkins" and version "1.419" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.420 Search vendor "Jenkins" for product "Jenkins" and version "1.420" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.421 Search vendor "Jenkins" for product "Jenkins" and version "1.421" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.422 Search vendor "Jenkins" for product "Jenkins" and version "1.422" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.423 Search vendor "Jenkins" for product "Jenkins" and version "1.423" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424 Search vendor "Jenkins" for product "Jenkins" and version "1.424" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.425 Search vendor "Jenkins" for product "Jenkins" and version "1.425" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.426 Search vendor "Jenkins" for product "Jenkins" and version "1.426" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.427 Search vendor "Jenkins" for product "Jenkins" and version "1.427" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.428 Search vendor "Jenkins" for product "Jenkins" and version "1.428" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.429 Search vendor "Jenkins" for product "Jenkins" and version "1.429" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.430 Search vendor "Jenkins" for product "Jenkins" and version "1.430" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.431 Search vendor "Jenkins" for product "Jenkins" and version "1.431" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.432 Search vendor "Jenkins" for product "Jenkins" and version "1.432" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.433 Search vendor "Jenkins" for product "Jenkins" and version "1.433" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.434 Search vendor "Jenkins" for product "Jenkins" and version "1.434" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.435 Search vendor "Jenkins" for product "Jenkins" and version "1.435" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.436 Search vendor "Jenkins" for product "Jenkins" and version "1.436" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.437 Search vendor "Jenkins" for product "Jenkins" and version "1.437" | - |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.466.1.2 Search vendor "Cloudbees" for product "Jenkins" and version "1.466.1.2" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.466.2.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.466.2.1" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.400 Search vendor "Cloudbees" for product "Jenkins" and version "1.400" | lts |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.424 Search vendor "Cloudbees" for product "Jenkins" and version "1.424" | lts |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.447 Search vendor "Cloudbees" for product "Jenkins" and version "1.447" | lts |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | <= 1.466.2 Search vendor "Jenkins" for product "Jenkins" and version " <= 1.466.2" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.409.1 Search vendor "Jenkins" for product "Jenkins" and version "1.409.1" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.409.2 Search vendor "Jenkins" for product "Jenkins" and version "1.409.2" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.409.3 Search vendor "Jenkins" for product "Jenkins" and version "1.409.3" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.1 Search vendor "Jenkins" for product "Jenkins" and version "1.424.1" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.2 Search vendor "Jenkins" for product "Jenkins" and version "1.424.2" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.3 Search vendor "Jenkins" for product "Jenkins" and version "1.424.3" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.4 Search vendor "Jenkins" for product "Jenkins" and version "1.424.4" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.5 Search vendor "Jenkins" for product "Jenkins" and version "1.424.5" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.424.6 Search vendor "Jenkins" for product "Jenkins" and version "1.424.6" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.447.1 Search vendor "Jenkins" for product "Jenkins" and version "1.447.1" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.447.2 Search vendor "Jenkins" for product "Jenkins" and version "1.447.2" | - |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | 1.466.1 Search vendor "Jenkins" for product "Jenkins" and version "1.466.1" | - |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.447.1.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.447.1.1" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.447.2.2 Search vendor "Cloudbees" for product "Jenkins" and version "1.447.2.2" | enterprise |
Affected
| ||||||
| Cloudbees Search vendor "Cloudbees" | Jenkins Search vendor "Cloudbees" for product "Jenkins" | 1.447.3.1 Search vendor "Cloudbees" for product "Jenkins" and version "1.447.3.1" | enterprise |
Affected
| ||||||