1. Home
  2. Vulnerabilities
  3. CVE-2014-2059

CVE-2014-2059

CVSS v2.0 6.5 (Medium)
65% Progress
EPSS 0.37 % (73th)
0.37% Progress
Affected Products 1
Advisories 1
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Directory traversal vulnerability in the CLI job creation (hudson/cli/CreateJobCommand.java) in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name.

Weaknesses
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE Status
PUBLISHED
CNA
Debian GNU/Linux
Published Date
2014-03-01 00:01:09
(10 years ago)
Updated Date
2017-08-29 01:34:29
(7 years ago)

Affected Products

Jenkins

Configuration #1

    CPE23 From Up To
  Jenkins 1.532.1 and prior versions cpe:2.3:a:jenkins:jenkins::*:*:*:lts <= 1.532.1

Configuration #2

    CPE23 From Up To
  Jenkins 1.550 and prior versions cpe:2.3:a:jenkins:jenkins <= 1.550