CVE-2021-21655

HIGH

7.1

CVSS Severity Score

EPSS Score0.0440%

EPSS Percentile4.31th

Published2021年5月11日

Last Modified2024年11月21日

Vulnerability Description

A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password.

Affected Platforms (CPE)

📦

Jenkins

P4

<= 1.11.4

References & Advisories

🔗 https://www.jenkins.io/security/advisory/2021-05-11/#SECURITY-2327

関連する脆弱性情報

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...

CVE-2021-4155610.0

sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to ...

CVE-2021-2124310.0

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deser...