CVE-2015-1807
jenkins: directory traversal from artifacts via symlink (SECURITY-162)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with certain permissions to read arbitrary files via a symlink, related to building artifacts.
Vulnerabilidad de salto de directorio en Jenkins en versiones anteriores a 1.600 y LTS en versiones anteriores a 1.596.1 permite a usuarios remotos autenticados con ciertos permisos para leer archivos arbitrarios a través de un enlace simbólico, relacionado con los objetos de construcción.
It was found that when building artifacts, the Jenkins server would follow symbolic links, potentially resulting in disclosure of information on the server.
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Space precludes documenting all of the bug fixes in this advisory. See the OpenShift Enterprise Technical Notes, which will be updated shortly for release 2.2.7, for details about these changes. The following security issues are addressed in this release: A flaw was found in the Jenkins API token-issuing service. The service was not properly protected against anonymous users, potentially allowing remote attackers to escalate privileges.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-02-17 CVE Reserved
- 2015-10-01 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE-59: Improper Link Resolution Before File Access ('Link Following')
CAPEC
References (5)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1844.html | 2016-06-15 | |
| https://access.redhat.com/errata/RHSA-2016:0070 | 2016-06-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1205622 | 2016-01-26 | |
| https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27 | 2016-06-15 | |
| https://access.redhat.com/security/cve/CVE-2015-1807 | 2016-01-26 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | <= 1.580.3 Search vendor "Jenkins" for product "Jenkins" and version " <= 1.580.3" | lts |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | <= 1.599 Search vendor "Jenkins" for product "Jenkins" and version " <= 1.599" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Openshift Search vendor "Redhat" for product "Openshift" | <= 3.1 Search vendor "Redhat" for product "Openshift" and version " <= 3.1" | enterprise |
Affected
| ||||||