CVE-2014-2060

CVE-2014-2060

EPSS 1.5%

The Winstone servlet container in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to hijack sessions via unspecified vectors.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14 http://www.openwall.com/lists/oss-security/2014/02/21/2