Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 2.1
CVE Id: CVE-2013-2033
Last Modified: 11 Apr 2014 10:17:02
Published: 10 Apr 2014 04:29:20
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: SINGLE_INSTANCE

CVE-2013-2033

Summary

Cross-site scripting (XSS) vulnerability in CloudBees Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Cloudbees Jenkins 1.301

  • Cloudbees Jenkins 1.302

  • Cloudbees Jenkins 1.303

  • Cloudbees Jenkins 1.304

  • Cloudbees Jenkins 1.305

  • Cloudbees Jenkins 1.306

  • Cloudbees Jenkins 1.307

  • Cloudbees Jenkins 1.308

  • Cloudbees Jenkins 1.309

  • Cloudbees Jenkins 1.310

  • Cloudbees Jenkins 1.311

  • Cloudbees Jenkins 1.312

  • Cloudbees Jenkins 1.313

  • Cloudbees Jenkins 1.314

  • Cloudbees Jenkins 1.315

  • Cloudbees Jenkins 1.316

  • Cloudbees Jenkins 1.317

  • Cloudbees Jenkins 1.318

  • Cloudbees Jenkins 1.319

  • Cloudbees Jenkins 1.320

  • Cloudbees Jenkins 1.321

  • Cloudbees Jenkins 1.322

  • Cloudbees Jenkins 1.323

  • Cloudbees Jenkins 1.324

  • Cloudbees Jenkins 1.325

  • Cloudbees Jenkins 1.326

  • Cloudbees Jenkins 1.327

  • Cloudbees Jenkins 1.328

  • Cloudbees Jenkins 1.329

  • Cloudbees Jenkins 1.330

  • Cloudbees Jenkins 1.331

  • Cloudbees Jenkins 1.332

  • Cloudbees Jenkins 1.333

  • Cloudbees Jenkins 1.334

  • Cloudbees Jenkins 1.335

  • Cloudbees Jenkins 1.336

  • Cloudbees Jenkins 1.337

  • Cloudbees Jenkins 1.338

  • Cloudbees Jenkins 1.339

  • Cloudbees Jenkins 1.340

  • Cloudbees Jenkins 1.341

  • Cloudbees Jenkins 1.342

  • Cloudbees Jenkins 1.343

  • Cloudbees Jenkins 1.344

  • Cloudbees Jenkins 1.345

  • Cloudbees Jenkins 1.346

  • Cloudbees Jenkins 1.347

  • Cloudbees Jenkins 1.348

  • Cloudbees Jenkins 1.349

  • Cloudbees Jenkins 1.350

  • Cloudbees Jenkins 1.351

  • Cloudbees Jenkins 1.352

  • Cloudbees Jenkins 1.353

  • Cloudbees Jenkins 1.354

  • Cloudbees Jenkins 1.355

  • Cloudbees Jenkins 1.356

  • Cloudbees Jenkins 1.357

  • Cloudbees Jenkins 1.358

  • Cloudbees Jenkins 1.359

  • Cloudbees Jenkins 1.360

  • Cloudbees Jenkins 1.361

  • Cloudbees Jenkins 1.362

  • Cloudbees Jenkins 1.363

  • Cloudbees Jenkins 1.364

  • Cloudbees Jenkins 1.365

  • Cloudbees Jenkins 1.366

  • Cloudbees Jenkins 1.367

  • Cloudbees Jenkins 1.368

  • Cloudbees Jenkins 1.369

  • Cloudbees Jenkins 1.370

  • Cloudbees Jenkins 1.371

  • Cloudbees Jenkins 1.372

  • Cloudbees Jenkins 1.373

  • Cloudbees Jenkins 1.374

  • Cloudbees Jenkins 1.375

  • Cloudbees Jenkins 1.376

  • Cloudbees Jenkins 1.377

  • Cloudbees Jenkins 1.378

  • Cloudbees Jenkins 1.379

  • Cloudbees Jenkins 1.380

  • Cloudbees Jenkins 1.382

  • Cloudbees Jenkins 1.383

  • Cloudbees Jenkins 1.384

  • Cloudbees Jenkins 1.386

  • Cloudbees Jenkins 1.387

  • Cloudbees Jenkins 1.388

  • Cloudbees Jenkins 1.389

  • Cloudbees Jenkins 1.390

  • Cloudbees Jenkins 1.391

  • Cloudbees Jenkins 1.392

  • Cloudbees Jenkins 1.393

  • Cloudbees Jenkins 1.394

  • Cloudbees Jenkins 1.395

  • Cloudbees Jenkins 1.396

  • Cloudbees Jenkins 1.397

  • Cloudbees Jenkins 1.398

  • Cloudbees Jenkins 1.399

  • Cloudbees Jenkins 1.400

  • Cloudbees Jenkins 1.401

  • Cloudbees Jenkins 1.402

  • Cloudbees Jenkins 1.403

  • Cloudbees Jenkins 1.404

  • Cloudbees Jenkins 1.405

  • Cloudbees Jenkins 1.406

  • Cloudbees Jenkins 1.407

  • Cloudbees Jenkins 1.408

  • Cloudbees Jenkins 1.409

  • Cloudbees Jenkins 1.409.1

  • Cloudbees Jenkins 1.409.2

  • Cloudbees Jenkins 1.409.3

  • Cloudbees Jenkins 1.410

  • Cloudbees Jenkins 1.411

  • Cloudbees Jenkins 1.412

  • Cloudbees Jenkins 1.413

  • Cloudbees Jenkins 1.414

  • Cloudbees Jenkins 1.415

  • Cloudbees Jenkins 1.416

  • Cloudbees Jenkins 1.417

  • Cloudbees Jenkins 1.418

  • Cloudbees Jenkins 1.419

  • Cloudbees Jenkins 1.420

  • Cloudbees Jenkins 1.421

  • Cloudbees Jenkins 1.422

  • Cloudbees Jenkins 1.423

  • Cloudbees Jenkins 1.424

  • Cloudbees Jenkins 1.424.0.2

  • Cloudbees Jenkins 1.424.0.4

  • Cloudbees Jenkins 1.424.1

  • Cloudbees Jenkins 1.424.1.1

  • Cloudbees Jenkins 1.424.2

  • Cloudbees Jenkins 1.424.2.1

  • Cloudbees Jenkins 1.424.3

  • Cloudbees Jenkins 1.424.4

  • Cloudbees Jenkins 1.424.4.1

  • Cloudbees Jenkins 1.424.5

  • Cloudbees Jenkins 1.424.5.1

  • Cloudbees Jenkins 1.424.6

  • Cloudbees Jenkins 1.424.6.1

  • Cloudbees Jenkins 1.424.6.11

  • Cloudbees Jenkins 1.425

  • Cloudbees Jenkins 1.426

  • Cloudbees Jenkins 1.427

  • Cloudbees Jenkins 1.428

  • Cloudbees Jenkins 1.429

  • Cloudbees Jenkins 1.430

  • Cloudbees Jenkins 1.431

  • Cloudbees Jenkins 1.432

  • Cloudbees Jenkins 1.433

  • Cloudbees Jenkins 1.434

  • Cloudbees Jenkins 1.435

  • Cloudbees Jenkins 1.436

  • Cloudbees Jenkins 1.437

  • Cloudbees Jenkins 1.447

  • Cloudbees Jenkins 1.447.1

  • Cloudbees Jenkins 1.447.1.1

  • Cloudbees Jenkins 1.447.2

  • Cloudbees Jenkins 1.447.2.2

  • Cloudbees Jenkins 1.447.3.1

  • Cloudbees Jenkins 1.466.1

  • Cloudbees Jenkins 1.466.1.2

  • Cloudbees Jenkins 1.466.10.1

  • Cloudbees Jenkins 1.466.12.1

  • Cloudbees Jenkins 1.466.13.1

  • Cloudbees Jenkins 1.466.2

  • Cloudbees Jenkins 1.466.2.1

  • Cloudbees Jenkins 1.480.3.1

  • Cloudbees Jenkins 1.509


References

XF - jenkins-cve20132033-xss(84004)

CONFIRM - http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb

OSVDB - 92982


Last Updated: 27 May 2016 11:04:53