CVE-2013-6373

CVE-2013-6373

EPSS 1.1%

The Exclusion plugin before 0.9 for Jenkins does not properly prevent access to resource locks, which allows remote authenticated users to list and release resources via unspecified vectors.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wiki.jenkins-ci.org/display/JENKINS/Exclusion-Plugin https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-11-20