VDB
CVE-2021-21688
CVE-2021-21688
PUBLISHED
The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#copyRecursiveTo).
EPSS 0.35% · 57.9th percentile
Risk Scores
EPSS Score
0.35%
57.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | jenkins | 0 |
| Bitnami | jenkins | 0 |
Timeline
- Nov 4, 2021 CVE Published
- Nov 5, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 21, 2022 EPSS Score
- Aug 12, 2022 EPSS Score
- Oct 6, 2022 EPSS Score
- Jan 26, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 17, 2023 EPSS Score
- Jul 12, 2023 EPSS Score