|Category:||Web application abuses|
|Title:||Jenkins < 2.121.3 / < 2.138 ACL Bypass Vulnerability|
|Summary:||Jenkins is prone to an ACL bypass vulnerability.|
By prepending '/securityRealm/user/admin' to specific URLs, an attacker can bypass the ACL configuration of Jenkins and access restricted areas of the remote application.
Affected versions: Jenkins weekly up to and including 2.137, and Jenkins LTS up to and including 2.121.2.
Solution: Upgrade Jenkins weekly to 2.138 or later, or Jenkins LTS to 2.121.3 or later.
|Copyright||Copyright (C) 2019 Greenbone Networks GmbH|