CVE-2016-0790

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 24-02-2016 01:00

Last modified: - 24-02-2016 01:00

Total changes: - 11

Description

CVE-2016-0790 jenkins: Non-constant time comparison of API token (SECURITY-241)

Common Vulnerability Scoring System (CVSS)

AV:N/AC:H/Au:N/C:P/I:P/A:P

High

Attack complexity

Network

Attack vector

Low

Availability

Low

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

5.1

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=activemq-0 AND versionEndExcluding=5.9.0-6.redhat.611463.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=ImageMagick-0 AND versionEndExcluding=6.7.2.7-5.el6_8

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=jenkins-0 AND versionEndExcluding=1.651.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=libcgroup-0 AND versionEndExcluding=0.40.rc1-18.el6_8

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-broker-0 AND versionEndExcluding=1.16.3.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-broker-util-0 AND versionEndExcluding=1.37.6.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-cron-0 AND versionEndExcluding=1.25.4.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-diy-0 AND versionEndExcluding=1.26.2.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-haproxy-0 AND versionEndExcluding=1.31.6.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-jbosseap-0 AND versionEndExcluding=2.27.4.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-jbossews-0 AND versionEndExcluding=1.35.5.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-jenkins-0 AND versionEndExcluding=1.29.2.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-jenkins-client-0 AND versionEndExcluding=1.26.1.1-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-mongodb-0 AND versionEndExcluding=1.26.2.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-mysql-0 AND versionEndExcluding=1.31.3.3-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-nodejs-0 AND versionEndExcluding=1.33.1.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-perl-0 AND versionEndExcluding=1.30.2.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-php-0 AND versionEndExcluding=1.35.4.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-python-0 AND versionEndExcluding=1.34.3.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-cartridge-ruby-0 AND versionEndExcluding=1.32.2.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-msg-node-mcollective-0 AND versionEndExcluding=1.30.2.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-node-proxy-0 AND versionEndExcluding=1.26.3.1-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=openshift-origin-node-util-0 AND versionEndExcluding=1.38.7.1-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=rhc-0 AND versionEndExcluding=1.38.7.1-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=rubygem-openshift-origin-admin-console-0 AND versionEndExcluding=1.28.2.1-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=rubygem-openshift-origin-controller-0 AND versionEndExcluding=1.38.6.4-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=rubygem-openshift-origin-frontend-haproxy-sni-proxy-0 AND versionEndExcluding=0.5.2.1-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=rubygem-openshift-origin-msg-broker-mcollective-0 AND versionEndExcluding=1.36.2.4-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=rubygem-openshift-origin-node-0 AND versionEndExcluding=1.38.6.4-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=rubygem-openshift-origin-routing-daemon-0 AND versionEndExcluding=0.26.6.1-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2.0

AND

product=jenkins-0 AND versionEndExcluding=1.642.2-1.el7

vendor=Red Hat Enterprise Linux AND product=openshift AND version=3.1

AND

product=jenkins-plugin-credentials-0 AND versionEndExcluding=1.24-2.el7

vendor=Red Hat Enterprise Linux AND product=openshift AND version=3.1

AND

product=jenkins-plugin-durable-task-0 AND versionEndExcluding=1.7-1.el7

vendor=Red Hat Enterprise Linux AND product=openshift AND version=3.1

AND

product=jenkins-plugin-kubernetes-0 AND versionEndExcluding=0.5-1.el7

vendor=Red Hat Enterprise Linux AND product=openshift AND version=3.1

AND

product=jenkins-plugin-openshift-pipeline-0 AND versionEndExcluding=1.0.9-1.el7

vendor=Red Hat Enterprise Linux AND product=openshift AND version=3.1

Reference

Keywords

REDHAT

CVE-2016-0790

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.