VDB

CVE-2024-43045

CVE-2024-43045 PUBLISHED

Jenkins LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".

EPSS 0.57% · 68.8th percentile

Risk Scores

EPSS Score
0.57%
68.8th percentile

Affected Products

VendorProductVersions
Bitnamijenkins0, 2.463.0
Bitnamijenkins2.463.0, 0

Timeline

  • Aug 7, 2024 CVE Published
  • Aug 13, 2024 EPSS Score
  • Sep 3, 2024 EPSS Score
  • Sep 24, 2024 EPSS Score
  • Oct 4, 2024 Coalition ESS Score
  • Oct 14, 2024 EPSS Score
  • Nov 4, 2024 EPSS Score
  • Nov 25, 2024 EPSS Score
  • Dec 17, 2024 EPSS Score
  • Jan 7, 2025 EPSS Score
  • Feb 17, 2025 EPSS Score
  • Feb 23, 2025 Coalition ESS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›