CVE-2019-11403
 
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page.
En Gradle Enterprise versiones anteriores a 2018.5.2, Build Cache Nodes reflejaría la contraseña configurada al ver el código fuente HTML de la página de configuración.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-04-21 CVE Reserved
- 2019-04-21 CVE Published
- 2023-05-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://gradle.com/enterprise/releases/2018.5/#changes-2 | 2023-01-20 | |
https://security.gradle.com/advisory/CVE-2019-11403 | 2023-01-20 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Gradle Search vendor "Gradle" | Build Cache Node Search vendor "Gradle" for product "Build Cache Node" | < 5.2 Search vendor "Gradle" for product "Build Cache Node" and version " < 5.2" | - |
Affected
| ||||||
Gradle Search vendor "Gradle" | Enterprise Search vendor "Gradle" for product "Enterprise" | < 2018.5.2 Search vendor "Gradle" for product "Enterprise" and version " < 2018.5.2" | - |
Affected
|