CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jun 2, 2023
Description
Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the "Fingerprints" pages.
EPSS — Exploit Probability
27.4%
Higher than 96.3% of all CVEs
Required Action
https://www.jenkins.io/security/advisory/2015-11-11/; https://nvd.nist.gov/vuln/detail/CVE-2015-5317
Risk Assessment
ELEVATEDIn CISA KEV
Details
- Severity
- High
- EPSS
- 27.4%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 0
Timeline
Published
May 12, 2023
Added to KEV
May 12, 2023
Remediation Due
Jun 2, 2023