CVE-2019-16552

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-16552

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-16552.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-16552

Aliases

GHSA-4r39-f4rh-j6q8

Published

2019-12-17T15:15:15Z

Modified

2025-01-08T05:46:05.939421Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins master.

References

Affected packages

Git / github.com/jenkinsci/gerrit-trigger-plugin

Affected ranges

Type: GIT
Repo: https://github.com/jenkinsci/gerrit-trigger-plugin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

f0cc6b84c74219c0cfc2ce0470067db5f160609f

Affected versions

gerrit-trigger-2.*

gerrit-trigger-2.0

gerrit-trigger-2.1.0

gerrit-trigger-2.10.0

gerrit-trigger-2.10.1

gerrit-trigger-2.11.0

gerrit-trigger-2.11.0-beta-1

gerrit-trigger-2.11.0-beta-2

gerrit-trigger-2.11.0-beta-3

gerrit-trigger-2.11.0-beta-4

gerrit-trigger-2.12.0

gerrit-trigger-2.12.0-beta-1

gerrit-trigger-2.12.0-beta-2

gerrit-trigger-2.12.0-beta-3

gerrit-trigger-2.12.0-beta-4

gerrit-trigger-2.12.0-beta-5

gerrit-trigger-2.12.0-beta-5r2

gerrit-trigger-2.13.0

gerrit-trigger-2.13.0-beta-1

gerrit-trigger-2.13.0-beta-2

gerrit-trigger-2.13.0-beta-3

gerrit-trigger-2.13.0-beta-4

gerrit-trigger-2.13.0-beta-5

gerrit-trigger-2.13.0-beta-5r2

gerrit-trigger-2.13.0-beta-6

gerrit-trigger-2.14.0

gerrit-trigger-2.14.0-beta-1

gerrit-trigger-2.14.0-beta-2

gerrit-trigger-2.14.0-beta-3

gerrit-trigger-2.15.0

gerrit-trigger-2.15.0-beta-1

gerrit-trigger-2.15.1

gerrit-trigger-2.15.2

gerrit-trigger-2.16.0

gerrit-trigger-2.17.0

gerrit-trigger-2.17.1

gerrit-trigger-2.17.2

gerrit-trigger-2.17.3

gerrit-trigger-2.17.4

gerrit-trigger-2.17.5

gerrit-trigger-2.18.0

gerrit-trigger-2.18.1

gerrit-trigger-2.18.2

gerrit-trigger-2.18.3

gerrit-trigger-2.18.4

gerrit-trigger-2.19.0

gerrit-trigger-2.20.0

gerrit-trigger-2.21.0

gerrit-trigger-2.21.1

gerrit-trigger-2.22.0

gerrit-trigger-2.23.0

gerrit-trigger-2.23.1

gerrit-trigger-2.23.2

gerrit-trigger-2.23.3

gerrit-trigger-2.24.0

gerrit-trigger-2.25.0

gerrit-trigger-2.26.0

gerrit-trigger-2.26.1

gerrit-trigger-2.26.2

gerrit-trigger-2.27.0

gerrit-trigger-2.27.1

gerrit-trigger-2.27.2

gerrit-trigger-2.27.3

gerrit-trigger-2.27.4

gerrit-trigger-2.27.5

gerrit-trigger-2.27.6

gerrit-trigger-2.27.7

gerrit-trigger-2.28.0

gerrit-trigger-2.29.0

gerrit-trigger-2.29.0-r2

gerrit-trigger-2.3.0

gerrit-trigger-2.3.0-t2

gerrit-trigger-2.3.1

gerrit-trigger-2.3.1-r2

gerrit-trigger-2.30.0

gerrit-trigger-2.30.1

gerrit-trigger-2.4.0

gerrit-trigger-2.5.0

gerrit-trigger-2.5.1

gerrit-trigger-2.5.2

gerrit-trigger-2.6.0

gerrit-trigger-2.6.0-r4

gerrit-trigger-2.7.0

gerrit-trigger-2.8.0

gerrit-trigger-2.9.0

Other

gerrit-trigger-parent-1_3