CVE-2017-1000109 - Vulnerability Details

The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Jenkins	Owasp Dependency-check

Configuration 1 [-]

OR	cpe:2.3:a:jenkins:owasp_dependency-check:1.0.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.0.1.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.0.2:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.0.3:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.0.4:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.0.4.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.0.5:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.0.7:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.0.8:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.1.0:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1.2:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.1.2:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.1.3:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.1.4:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.1.4.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.0:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.2:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.3:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.3.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.3.2:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.4:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.5:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.6:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.7:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.7.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.8:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.9:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.10:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.11:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.2.11.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.3.0:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.3.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.3.1.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.3.1.2:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.3.2:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.3.3:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.3.4:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.3.5:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.3.6:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.4.0:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.4.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.4.2:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.4.3:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.4.4:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:1.4.5:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:2.0.0:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:2.0.1:::::jenkins::
	cpe:2.3:a:jenkins:owasp_dependency-check:2.0.1.1:::::jenkins::

No data.

References

Link	Providers
http://www.securityfocus.com/bid/100227
https://jenkins.io/security/advisory/2017-08-07/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-10-04T01:00:00

Updated: 2024-08-05T21:53:06.841Z

Reserved: 2017-10-03T00:00:00

Link: CVE-2017-1000109

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-10-05T01:29:04.367

Modified: 2024-11-21T03:04:10.993

Link: CVE-2017-1000109

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2017-08-22T00:00:00", "datePublic": "2017-10-03T00:00:00", "descriptions": [{"lang": "en", "value": "The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-04T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "100227", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/100227"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://jenkins.io/security/advisory/2017-08-07/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2017-08-22T17:29:33.322861", "ID": "CVE-2017-1000109", "REQUESTER": "ml@beckweb.net", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "100227", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100227"}, {"name": "https://jenkins.io/security/advisory/2017-08-07/", "refsource": "CONFIRM", "url": "https://jenkins.io/security/advisory/2017-08-07/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T21:53:06.841Z"}, "title": "CVE Program Container", "references": [{"name": "100227", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/100227"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://jenkins.io/security/advisory/2017-08-07/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000109", "datePublished": "2017-10-04T01:00:00", "dateReserved": "2017-10-03T00:00:00", "dateUpdated": "2024-08-05T21:53:06.841Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.0.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "FE428D65-2789-4FD0-AAAD-6B3C07BACC18", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.0.1.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "94D1D9E7-451D-4756-B9A4-C9744DBC715D", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.0.2:*:*:*:*:jenkins:*:*", "matchCriteriaId": "31E1C69C-C417-4339-B962-90D1E392EA92", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.0.3:*:*:*:*:jenkins:*:*", "matchCriteriaId": "187EEC33-EF1B-4E56-8D06-9721E6EF6A38", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.0.4:*:*:*:*:jenkins:*:*", "matchCriteriaId": "B1FFA96E-AB65-4427-8053-C15BBB991BCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.0.4.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "0BDA7EAA-BA4A-486A-ABDC-B07E5C162B7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.0.5:*:*:*:*:jenkins:*:*", "matchCriteriaId": "BB8439C6-DEE9-484F-A987-FD0139709891", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.0.7:*:*:*:*:jenkins:*:*", "matchCriteriaId": "72496F9F-6392-46EA-9D40-99717775BCCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.0.8:*:*:*:*:jenkins:*:*", "matchCriteriaId": "94488F71-6068-4D40-A489-E7A7CE9B819C", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.1.0:*:*:*:*:jenkins:*:*", "matchCriteriaId": "F7533C35-FC4A-4D53-BDDF-D877B05A038D", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "7D78D0F6-DE89-4456-9AA6-E569F7DD39C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "5DC4746C-AA1F-4D9D-880C-76B42E253F45", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1.2:*:*:*:*:jenkins:*:*", "matchCriteriaId": "34B2D8CD-C621-4A0A-82BC-E1415FD26C71", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.1.2:*:*:*:*:jenkins:*:*", "matchCriteriaId": "856328A7-BD25-4905-9D49-9B8E9DA67196", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.1.3:*:*:*:*:jenkins:*:*", "matchCriteriaId": "14959CAC-8561-4BC1-978E-6B6B60F9C78A", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.1.4:*:*:*:*:jenkins:*:*", "matchCriteriaId": "D353EEE8-8C03-4F75-9A02-55F159E24B04", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.1.4.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "2532B713-4F03-40A5-8549-EC465EDB7558", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.0:*:*:*:*:jenkins:*:*", "matchCriteriaId": "563C0CFF-CA00-4E66-B0EA-631084164BE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "2DB6D211-2140-44DA-94F5-F40E84F32FEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.2:*:*:*:*:jenkins:*:*", "matchCriteriaId": "5CAC68EE-0509-4D50-85B6-D2143B31F6E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.3:*:*:*:*:jenkins:*:*", "matchCriteriaId": "982C152C-54B8-4CE7-AB3F-242A69451735", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.3.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "CF2A2C18-D3F7-4E08-8D06-6083E63A8853", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.3.2:*:*:*:*:jenkins:*:*", "matchCriteriaId": "2FE0020C-D1C4-4EA0-896E-D40301F7D54A", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.4:*:*:*:*:jenkins:*:*", "matchCriteriaId": "4DC56E2F-AFDE-46FF-A971-0071B13CD57F", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.5:*:*:*:*:jenkins:*:*", "matchCriteriaId": "7C655E9A-E4FB-4A93-A700-12E73CB158DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.6:*:*:*:*:jenkins:*:*", "matchCriteriaId": "BA82EB1F-223A-43A8-85FF-6BDEC57EC96E", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.7:*:*:*:*:jenkins:*:*", "matchCriteriaId": "EE5DFF68-55E3-474C-8AEC-9FA8FFEAB29B", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.7.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "167B3711-E4F6-4F7A-A7D5-1AB306ABADAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.8:*:*:*:*:jenkins:*:*", "matchCriteriaId": "D9734E28-3E4D-441B-9A25-010AF22EF2CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.9:*:*:*:*:jenkins:*:*", "matchCriteriaId": "E0193375-C35E-4471-BFBF-323609286D3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.10:*:*:*:*:jenkins:*:*", "matchCriteriaId": "A4714A4A-AB41-4E3B-B1FB-126876077209", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.11:*:*:*:*:jenkins:*:*", "matchCriteriaId": "B32A175D-CC97-475E-BA84-0FD80190C550", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.2.11.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "43F2EBBF-ACC5-45B8-A05A-AD33A087E4A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.3.0:*:*:*:*:jenkins:*:*", "matchCriteriaId": "CF8D99B6-078E-4CB7-9C15-309269C9475E", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.3.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "76448741-A34E-40CC-B29C-3AA807D8DA1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.3.1.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "5F7DD792-C2AC-4C7D-B499-2139AEC95D9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.3.1.2:*:*:*:*:jenkins:*:*", "matchCriteriaId": "4B24A3BA-34F4-47C2-9102-72A7242C373D", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.3.2:*:*:*:*:jenkins:*:*", "matchCriteriaId": "0FC17478-320A-40E5-A6A9-269B5B0E78FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.3.3:*:*:*:*:jenkins:*:*", "matchCriteriaId": "797EC1B7-B003-436A-A16D-38C17D24E7C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.3.4:*:*:*:*:jenkins:*:*", "matchCriteriaId": "454D7BAC-360D-4484-9806-06398D7D81B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.3.5:*:*:*:*:jenkins:*:*", "matchCriteriaId": "C363C3E1-06CC-4241-8BDC-D897F1A36CA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.3.6:*:*:*:*:jenkins:*:*", "matchCriteriaId": "D30FA350-D520-4569-87C3-DCAD6B476932", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.4.0:*:*:*:*:jenkins:*:*", "matchCriteriaId": "CAA3F171-2461-4AB1-B943-158C397917EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.4.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "6AAF4F60-365C-45B2-A35A-4249E24741FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.4.2:*:*:*:*:jenkins:*:*", "matchCriteriaId": "5ABC369B-7051-447F-8BAA-54E5A25CB489", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.4.3:*:*:*:*:jenkins:*:*", "matchCriteriaId": "6BA1E839-43E6-400A-9848-8A56FB8B87E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.4.4:*:*:*:*:jenkins:*:*", "matchCriteriaId": "8ABF8C5E-4131-4C53-86B8-B44D65749C9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:1.4.5:*:*:*:*:jenkins:*:*", "matchCriteriaId": "9A5F226A-69A0-43E3-8F1F-B332C5BDFCA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:2.0.0:*:*:*:*:jenkins:*:*", "matchCriteriaId": "435597BF-F804-4A1E-A781-AEB432A5B5FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:2.0.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "C111631F-92EC-4F0F-AD09-7DE270A5C1B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:owasp_dependency-check:2.0.1.1:*:*:*:*:jenkins:*:*", "matchCriteriaId": "D926C362-4745-4D29-8C35-E558D8DC976A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view."}, {"lang": "es", "value": "La vista Details personalizada del plugin OWASP Dependency-Check basado en Static Analysis Utilities era vulnerable a Cross-Site Scripting (XSS) persistente. Los usuarios maliciosos capaces de influenciar las entradas en este plugin podr\u00edan insertar HTML arbitrario en esta vista."}], "id": "CVE-2017-1000109", "lastModified": "2024-11-21T03:04:10.993", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-05T01:29:04.367", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/100227"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://jenkins.io/security/advisory/2017-08-07/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/100227"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://jenkins.io/security/advisory/2017-08-07/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object