SecuritySpace - CVE-2015-5320

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2015-5320

Description: Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtain sensitive information or possibly gain administrative access by leveraging knowledge of the name of a slave.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-5320
RedHat Security Advisories: RHSA-2016:0070
https://access.redhat.com/errata/RHSA-2016:0070
RedHat Security Advisories: RHSA-2016:0489
http://rhn.redhat.com/errata/RHSA-2016-0489.html

CVE ID:	CVE-2015-5320
Description:	Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtain sensitive information or possibly gain administrative access by leveraging knowledge of the name of a slave.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5320 RedHat Security Advisories: RHSA-2016:0070 https://access.redhat.com/errata/RHSA-2016:0070 RedHat Security Advisories: RHSA-2016:0489 http://rhn.redhat.com/errata/RHSA-2016-0489.html