Jenkins < 1.498 / 1.480.2 and Jenkins Enterprise 1.447.x / 1.466.x < 1.447.6.1 / 1.466.12.1 Unspecified Master Cryptographic Key Information Disclosure
Low Nessus Plugin ID 65055
SynopsisThe remote web server hosts a job scheduling / management system that
is affected by an information disclosure vulnerability.
DescriptionThe remote web server hosts a version of Jenkins or Jenkins Enterprise
that is affected by an information disclosure vulnerability that could
allow a remote attacker to gain access to master cryptographic key
information. Attackers with this information may be able to execute
arbitrary code on the master host.
SolutionUpgrade to Jenkins 1.498 / 1.480.2, Jenkins Enterprise 1.447.6.1 /
1.466.12.1 or later.