gsd - gsd-2013-0330

gsd-2013-0330

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.

Aliases

CVE-2013-0330

Aliases

CVE-2013-0330

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-0330",
    "description": "Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.",
    "id": "GSD-2013-0330",
    "references": [
      "https://access.redhat.com/errata/RHSA-2013:0638"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-0330"
      ],
      "details": "Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.",
      "id": "GSD-2013-0330",
      "modified": "2023-12-13T01:22:15.094477Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2013-0330",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2013-0638.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html"
          },
          {
            "name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb",
            "refsource": "MISC",
            "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2013/02/21/7",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2013/02/21/7"
          },
          {
            "name": "http://www.securityfocus.com/bid/57994",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/57994"
          },
          {
            "name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16",
            "refsource": "MISC",
            "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=914878",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=914878"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.480.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.501",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-0330"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"
            },
            {
              "name": "57994",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/57994"
            },
            {
              "name": "RHSA-2013:0638",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=914878",
              "refsource": "MISC",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=914878"
            },
            {
              "name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb"
            },
            {
              "name": "[oss-security] 20130220 Re: Jenkins CVE request for Jenkins Security Advisory 2013-02-16",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2013/02/21/7"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-06-13T23:24Z",
      "publishedDate": "2013-03-19T14:55Z"
    }
  }
}

CVE-2013-0330 (GCVE-0-2013-0330)

Vulnerability from cvelistv5

Published

2013-03-19 14:00

Modified

2024-08-06 14:25

Severity ?

CWE

Summary

Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.

References

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2013-0638.html	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2013/02/21/7	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/57994	vdb-entry, x_refsource_BID
	https://bugzilla.redhat.com/show_bug.cgi?id=914878	x_refsource_MISC
	http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb	x_refsource_CONFIRM
	https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website