Jenkins < 1.498 / 1.480.2 and Jenkins Enterprise 1.447.x / 1.466.x < 1.447.6.1 / 1.466.12.1 Unspecified Master Cryptographic Key Information Disclosure

Low Nessus Plugin ID 65055


The remote web server hosts a job scheduling / management system that
is affected by an information disclosure vulnerability.


The remote web server hosts a version of Jenkins or Jenkins Enterprise
that is affected by an information disclosure vulnerability that could
allow a remote attacker to gain access to master cryptographic key
information. Attackers with this information may be able to execute
arbitrary code on the master host.


Upgrade to Jenkins 1.498 / 1.480.2, Jenkins Enterprise 1.447.6.1 /
1.466.12.1 or later.

See Also

Plugin Details

Severity: Low

ID: 65055

File Name: jenkins_1_498.nasl

Version: 1.8

Type: remote

Family: CGI abuses

Published: 2013/03/06

Modified: 2018/11/15

Dependencies: 65054

Risk Information

Risk Factor: Low

CVSS v2.0

Base Score: 2.6

Temporal Score: 2.3

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:cloudbees:jenkins

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/01/07

Vulnerability Publication Date: 2013/01/07

Reference Information

CVE: CVE-2013-0158

BID: 57171