CVE-2015-5317 — Jenkins User Interface (UI) Information Disclosure Vulnerability
2023-05-12 • CISA Known Exploited Vulnerability
[event] Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the "Fingerprints" pages.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Jenkins |
| Product | Jenkins User Interface (UI) |
| CWE | CWE-200 |
| CVE ID | CVE-2015-5317 |
| Date Added | 2023-05-12 |
| Due Date | 2023-06-02 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2023-06-02