CVE-2017-1000353

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-1000353

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-1000353.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-1000353

Aliases

GHSA-26wc-3wqp-g3rp

Published

2018-01-29T17:29:00Z

Modified

2024-10-12T02:24:43.948762Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blacklist-based protection mechanism. We're fixing this issue by adding SignedObject to the blacklist. We're also backporting the new HTTP CLI protocol from Jenkins 2.54 to LTS 2.46.2, and deprecating the remoting-based (i.e. Java serialization) CLI protocol, disabling it by default.

References

Affected packages

Git / github.com/jenkinsci/jenkins

Affected ranges

Type: GIT
Repo: https://github.com/jenkinsci/jenkins
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

200f9e05eb3c3d9a5ea4ef28e2392daa834cef21

Last affected

c6a23bdd264dff17b681765b08cf7f439f69d41e

Affected versions

1.*

1.324-rc

1.325-rc

1.327-rc

1.328-rc

1.502-rc1

1.580.1-rc1

Other

builds/10

builds/100

builds/101

builds/102

builds/103

builds/104

builds/105

builds/106

builds/107

builds/108

builds/109

builds/11

builds/110

builds/111

builds/112

builds/113

builds/114

builds/115

builds/116

builds/117

builds/118

builds/119

builds/12

builds/120

builds/121

builds/122

builds/123

builds/124

builds/125

builds/126

builds/127

builds/128

builds/13

builds/130

builds/131

builds/132

builds/133

builds/134

builds/135

builds/136

builds/137

builds/138

builds/139

builds/14

builds/140

builds/141

builds/142

builds/143

builds/144

builds/145

builds/146

builds/147

builds/148

builds/149

builds/15

builds/150

builds/151

builds/152

builds/153

builds/154

builds/155

builds/156

builds/157

builds/158

builds/16

builds/160

builds/161

builds/162

builds/163

builds/164

builds/165

builds/166

builds/167

builds/168

builds/169

builds/17

builds/170

builds/171

builds/172

builds/173

builds/174

builds/176

builds/177

builds/178

builds/179

builds/18

builds/180

builds/181

builds/182

builds/183

builds/184

builds/185

builds/186

builds/187

builds/188

builds/189

builds/19

builds/190

builds/191

builds/192

builds/193

builds/194

builds/195

builds/196

builds/197

builds/198

builds/199

builds/2

builds/200

builds/201

builds/202

builds/203

builds/204

builds/205

builds/206

builds/207

builds/209

builds/21

builds/210

builds/211

builds/212

builds/213

builds/214

builds/215

builds/216

builds/217

builds/218

builds/219

builds/22

builds/220

builds/221

builds/222

builds/223

builds/224

builds/225

builds/226

builds/227

builds/228

builds/229

builds/23

builds/230

builds/231

builds/232

builds/233

builds/234

builds/235

builds/236

builds/237

builds/238

builds/239

builds/24

builds/240

builds/241

builds/242

builds/243

builds/244

builds/245

builds/246

builds/247

builds/248

builds/249

builds/250

builds/251

builds/254

builds/255

builds/256

builds/257

builds/258

builds/259

builds/26

builds/260

builds/262

builds/263

builds/264

builds/265

builds/266

builds/267

builds/268

builds/269

builds/27

builds/270

builds/271

builds/272

builds/273

builds/274

builds/275

builds/276

builds/277

builds/278

builds/279

builds/28

builds/280

builds/281

builds/282

builds/283

builds/284

builds/285

builds/286

builds/287

builds/288

builds/29

builds/290

builds/291

builds/292

builds/293

builds/294

builds/295

builds/296

builds/297

builds/298

builds/299

builds/3

builds/30

builds/300

builds/301

builds/302

builds/303

builds/304

builds/305

builds/306

builds/307

builds/308

builds/309

builds/31

builds/310

builds/311

builds/312

builds/313

builds/314

builds/316

builds/317

builds/318

builds/319

builds/32

builds/320

builds/321

builds/322

builds/323

builds/324

builds/325

builds/326

builds/327

builds/328

builds/329

builds/33

builds/330

builds/331

builds/332

builds/333

builds/334

builds/335

builds/336

builds/338

builds/339

builds/34

builds/340

builds/341

builds/342

builds/343

builds/344

builds/345

builds/346

builds/348

builds/35

builds/350

builds/352

builds/353

builds/354

builds/355

builds/356

builds/357

builds/358

builds/359

builds/36

builds/361

builds/362

builds/363

builds/364

builds/365

builds/368

builds/369

builds/37

builds/370

builds/371

builds/372

builds/373

builds/374

builds/375

builds/39

builds/4

builds/40

builds/41

builds/42

builds/43

builds/44

builds/46

builds/47

builds/48

builds/49

builds/5

builds/50

builds/51

builds/52

builds/53

builds/54

builds/55

builds/56

builds/57

builds/58

builds/59

builds/6

builds/60

builds/62

builds/63

builds/64

builds/65

builds/66

builds/67

builds/68

builds/69

builds/7

builds/70

builds/71

builds/72

builds/73

builds/74

builds/75

builds/77

builds/81

builds/82

builds/83

builds/85

builds/86

builds/88

builds/89

builds/9

builds/90

builds/92

builds/93

builds/94

builds/95

builds/96

builds/97

builds/98

builds/99

changes/10

changes/100

changes/101

changes/102

changes/103

changes/104

changes/105

changes/106

changes/107

changes/108

changes/109

changes/11

changes/110

changes/111

changes/112

changes/113

changes/114

changes/115

changes/116

changes/117

changes/118

changes/119

changes/12

changes/120

changes/121

changes/122

changes/123

changes/124

changes/125

changes/126

changes/127

changes/128

changes/13

changes/130

changes/131

changes/132

changes/133

changes/134

changes/135

changes/136

changes/137

changes/138

changes/139

changes/14

changes/140

changes/141

changes/142

changes/143

changes/144

changes/145

changes/146

changes/147

changes/148

changes/149

changes/15

changes/150

changes/151

changes/152

changes/153

changes/154

changes/155

changes/156

changes/157

changes/158

changes/16

changes/160

changes/161

changes/162

changes/163

changes/164

changes/165

changes/166

changes/167

changes/168

changes/169

changes/17

changes/170

changes/171

changes/172

changes/173

changes/174

changes/176

changes/177

changes/178

changes/179

changes/18

changes/180

changes/181

changes/182

changes/183

changes/184

changes/185

changes/186

changes/187

changes/188

changes/189

changes/19

changes/190

changes/191

changes/192

changes/193

changes/194

changes/195

changes/196

changes/197

changes/198

changes/199

changes/2

changes/20

changes/200

changes/201

changes/202

changes/203

changes/204

changes/205

changes/206

changes/207

changes/209

changes/21

changes/210

changes/211

changes/212

changes/213

changes/214

changes/215

changes/216

changes/217

changes/218

changes/219

changes/22

changes/220

changes/221

changes/222

changes/223

changes/224

changes/225

changes/226

changes/227

changes/228

changes/229

changes/23

changes/230

changes/231

changes/232

changes/233

changes/234

changes/235

changes/236

changes/237

changes/238

changes/239

changes/24

changes/240

changes/241

changes/242

changes/243

changes/244

changes/245

changes/246

changes/247

changes/248

changes/249

changes/25

changes/250

changes/251

changes/254

changes/255

changes/256

changes/257

changes/258

changes/259

changes/26

changes/260

changes/262

changes/263

changes/264

changes/265

changes/266

changes/267

changes/268

changes/269

changes/27

changes/270

changes/271

changes/272

changes/273

changes/274

changes/275

changes/276

changes/277

changes/278

changes/279

changes/28

changes/280

changes/281

changes/282

changes/283

changes/284

changes/285

changes/286

changes/287

changes/288

changes/29

changes/290

changes/291

changes/292

changes/293

changes/294

changes/295

changes/296

changes/297

changes/298

changes/299

changes/3

changes/30

changes/300

changes/301

changes/302

changes/303

changes/304

changes/305

changes/306

changes/307

changes/308

changes/309

changes/31

changes/310

changes/311

changes/312

changes/313

changes/314

changes/316

changes/317

changes/318

changes/319

changes/32

changes/320

changes/321

changes/322

changes/323

changes/324

changes/325

changes/326

changes/327

changes/328

changes/329

changes/33

changes/330

changes/331

changes/332

changes/333

changes/334

changes/335

changes/336

changes/338

changes/339

changes/34

changes/340

changes/341

changes/342

changes/343

changes/344

changes/345

changes/346

changes/348

changes/35

changes/350

changes/352

changes/353

changes/354

changes/355

changes/356

changes/357

changes/358

changes/359

changes/36

changes/361

changes/362

changes/363

changes/364

changes/365

changes/368

changes/369

changes/37

changes/370

changes/371

changes/372

changes/373

changes/374

changes/375

changes/39

changes/4

changes/40

changes/41

changes/42

changes/43

changes/44

changes/46

changes/47

changes/48

changes/49

changes/5

changes/50

changes/51

changes/52

changes/53

changes/54

changes/55

changes/56

changes/57

changes/58

changes/59

changes/6

changes/60

changes/61

changes/62

changes/63

changes/64

changes/65

changes/66

changes/67

changes/68

changes/69

changes/7

changes/70

changes/71

changes/72

changes/73

changes/74

changes/75

changes/76

changes/77

changes/79

changes/8

changes/81

changes/82

changes/83

changes/85

changes/86

changes/88

changes/89

changes/9

changes/90

changes/92

changes/93

changes/94

changes/95

changes/96

changes/97

changes/98

changes/99

hudson-1_387

hudson-1_388

hudson-1_389

hudson-1_390

hudson-1_391

hudson-1_392

hudson-1_393

hudson-1_394

hudson-1_395

jenkins-1_396

jenkins-1_397

jenkins-1_398

jenkins-1_399

jenkins-1_400

jenkins-1_401

jenkins-1_402

jenkins-1_403

jenkins-1_404

jenkins-1_405

jenkins-1_406

jenkins-1_407

jenkins-1_408

jenkins-1_409

jenkins-1_410

jenkins-1_411

jenkins-1_412

jenkins-1_413

jenkins-1_414

jenkins-1_415

jenkins-1.*

jenkins-1.416

jenkins-1.417

jenkins-1.418

jenkins-1.419

jenkins-1.420

jenkins-1.421

jenkins-1.422

jenkins-1.423

jenkins-1.424

jenkins-1.425

jenkins-1.426

jenkins-1.427

jenkins-1.428

jenkins-1.429

jenkins-1.430

jenkins-1.431

jenkins-1.432

jenkins-1.433

jenkins-1.434

jenkins-1.435

jenkins-1.436

jenkins-1.437

jenkins-1.438

jenkins-1.439

jenkins-1.440

jenkins-1.441

jenkins-1.442

jenkins-1.443

jenkins-1.444

jenkins-1.445

jenkins-1.446

jenkins-1.447

jenkins-1.448

jenkins-1.449

jenkins-1.450

jenkins-1.451

jenkins-1.452

jenkins-1.453

jenkins-1.454

jenkins-1.455

jenkins-1.456

jenkins-1.457

jenkins-1.458

jenkins-1.459

jenkins-1.460

jenkins-1.461

jenkins-1.462

jenkins-1.463

jenkins-1.464

jenkins-1.465

jenkins-1.466

jenkins-1.467

jenkins-1.468

jenkins-1.469

jenkins-1.470

jenkins-1.471

jenkins-1.472

jenkins-1.473

jenkins-1.474

jenkins-1.475

jenkins-1.477

jenkins-1.478

jenkins-1.479

jenkins-1.480

jenkins-1.481

jenkins-1.482

jenkins-1.483

jenkins-1.484

jenkins-1.485

jenkins-1.486

jenkins-1.487

jenkins-1.488

jenkins-1.489

jenkins-1.490

jenkins-1.491

jenkins-1.492

jenkins-1.493

jenkins-1.494

jenkins-1.495

jenkins-1.496

jenkins-1.497

jenkins-1.498

jenkins-1.499

jenkins-1.500

jenkins-1.501

jenkins-1.502

jenkins-1.503

jenkins-1.504

jenkins-1.505

jenkins-1.506

jenkins-1.507

jenkins-1.508

jenkins-1.509

jenkins-1.510

jenkins-1.511

jenkins-1.512

jenkins-1.513

jenkins-1.514

jenkins-1.515

jenkins-1.516

jenkins-1.517

jenkins-1.518

jenkins-1.519

jenkins-1.520

jenkins-1.521

jenkins-1.522

jenkins-1.523

jenkins-1.524

jenkins-1.525

jenkins-1.526

jenkins-1.527

jenkins-1.528

jenkins-1.529

jenkins-1.530

jenkins-1.531

jenkins-1.532

jenkins-1.533

jenkins-1.534

jenkins-1.535

jenkins-1.536

jenkins-1.537

jenkins-1.538

jenkins-1.539

jenkins-1.540

jenkins-1.541

jenkins-1.542

jenkins-1.543

jenkins-1.544

jenkins-1.545

jenkins-1.546

jenkins-1.547

jenkins-1.548

jenkins-1.549

jenkins-1.550

jenkins-1.551

jenkins-1.552

jenkins-1.553

jenkins-1.554

jenkins-1.555

jenkins-1.556

jenkins-1.557

jenkins-1.558

jenkins-1.559

jenkins-1.560

jenkins-1.561

jenkins-1.562

jenkins-1.563

jenkins-1.564

jenkins-1.565

jenkins-1.566

jenkins-1.567

jenkins-1.568

jenkins-1.569

jenkins-1.570

jenkins-1.571

jenkins-1.572

jenkins-1.573

jenkins-1.574

jenkins-1.575

jenkins-1.576

jenkins-1.577

jenkins-1.578

jenkins-1.579

jenkins-1.580

jenkins-1.580.1

jenkins-1.580.2

jenkins-1.580.3

jenkins-1.580.3-rc1

jenkins-1.581

jenkins-1.582

jenkins-1.583

jenkins-1.584

jenkins-1.585

jenkins-1.586

jenkins-1.587

jenkins-1.588

jenkins-1.589

jenkins-1.590

jenkins-1.591

jenkins-1.592

jenkins-1.593

jenkins-1.594

jenkins-1.595

jenkins-1.596

jenkins-1.596.1

jenkins-1.596.2

jenkins-1.596.2-rc1

jenkins-1.596.3

jenkins-1.597

jenkins-1.598

jenkins-1.599

jenkins-1.600

jenkins-1.601

jenkins-1.602

jenkins-1.604

jenkins-1.605

jenkins-1.606

jenkins-1.607

jenkins-1.608

jenkins-1.609

jenkins-1.609.1

jenkins-1.609.1-rc1

jenkins-1.609.2

jenkins-1.609.2-rc1

jenkins-1.609.3

jenkins-1.610

jenkins-1.611

jenkins-1.612

jenkins-1.613

jenkins-1.614

jenkins-1.615

jenkins-1.616

jenkins-1.617

jenkins-1.618

jenkins-1.619

jenkins-1.620

jenkins-1.621

jenkins-1.622

jenkins-1.623

jenkins-1.624

jenkins-1.625

jenkins-1.625.1

jenkins-1.625.1-rc1

jenkins-1.625.1-rc2

jenkins-1.625.2

jenkins-1.625.2-rc1

jenkins-1.625.3

jenkins-1.625.3-rc1

jenkins-1.625.3-rc2

jenkins-1.626

jenkins-1.627

jenkins-1.628

jenkins-1.629

jenkins-1.630

jenkins-1.631

jenkins-1.632

jenkins-1.633

jenkins-1.634

jenkins-1.635

jenkins-1.636

jenkins-1.637

jenkins-1.638

jenkins-1.639

jenkins-1.640

jenkins-1.641

jenkins-1.642

jenkins-1.642.1

jenkins-1.642.1-rc1

jenkins-1.642.2

jenkins-1.642.2-rc1

jenkins-1.642.3

jenkins-1.643

jenkins-1.644

jenkins-1.645

jenkins-1.646

jenkins-1.647

jenkins-1.648

jenkins-1.649

jenkins-1.650

jenkins-1.651

jenkins-1.651.1

jenkins-1.651.2

jenkins-1.651.3

jenkins-1.652

jenkins-1.653

jenkins-1.654

jenkins-1.655

jenkins-1.656

jenkins-2.*

jenkins-2.0

jenkins-2.0-alpha-1

jenkins-2.0-alpha-2

jenkins-2.0-alpha-3

jenkins-2.0-alpha-4

jenkins-2.0-beta-1

jenkins-2.0-beta-2

jenkins-2.0-rc-1

jenkins-2.1

jenkins-2.10

jenkins-2.11

jenkins-2.12

jenkins-2.13

jenkins-2.14

jenkins-2.15

jenkins-2.16

jenkins-2.17

jenkins-2.18

jenkins-2.19

jenkins-2.19.1

jenkins-2.19.2

jenkins-2.19.3

jenkins-2.19.4

jenkins-2.2

jenkins-2.20

jenkins-2.21

jenkins-2.22

jenkins-2.23

jenkins-2.24

jenkins-2.25

jenkins-2.26

jenkins-2.27

jenkins-2.28

jenkins-2.29

jenkins-2.3

jenkins-2.30

jenkins-2.31

jenkins-2.32

jenkins-2.32.1

jenkins-2.32.2

jenkins-2.32.3

jenkins-2.33

jenkins-2.34

jenkins-2.35

jenkins-2.36

jenkins-2.37

jenkins-2.38

jenkins-2.39

jenkins-2.4

jenkins-2.40

jenkins-2.41

jenkins-2.42

jenkins-2.43

jenkins-2.44

jenkins-2.45

jenkins-2.46

jenkins-2.46.1

jenkins-2.47

jenkins-2.48

jenkins-2.49

jenkins-2.5

jenkins-2.50

jenkins-2.51

jenkins-2.52

jenkins-2.53

jenkins-2.54

jenkins-2.55

jenkins-2.56

jenkins-2.6

jenkins-2.7

jenkins-2.7.1

jenkins-2.7.2

jenkins-2.7.3

jenkins-2.7.4

jenkins-2.8

jenkins-2.9

prototype-1.*

prototype-1.5.1.1

prototype-1.7