CVE-2019-10375

medium

Description

An arbitrary file read vulnerability in Jenkins File System SCM Plugin 2.1 and earlier allows attackers able to configure jobs in Jenkins to obtain the contents of any file on the Jenkins master.

References

https://jenkins.io/security/advisory/2019-08-07/#SECURITY-569

http://www.openwall.com/lists/oss-security/2019/08/07/1

Details

Source: Mitre, NVD

Published: 2019-08-07

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N