Skip to main content
All vulnerabilities
CVE-2015-5317

Jenkins User Interface (UI) Information Disclosure Vulnerability

JenkinsJenkins User Interface (UI)

Added to KEV catalog
12 May 2023
Federal remediation due date
2 June 2023
Weakness classification (CWE)
CWE-200

CISA Description

Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the "Fingerprints" pages.

Required action

Apply updates per vendor instructions.

Notes

https://www.jenkins.io/security/advisory/2015-11-11/; https://nvd.nist.gov/vuln/detail/CVE-2015-5317

Confirm Your Exposure

Is this vulnerability present in your environment?

CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.

Explore VAPT Services