CVE-2013-6372
Published May 8, 2014
Last updated 2 years ago
Overview
- Description
- The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-255
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A0C3967-1BE4-4EC0-802A-B98BAB066CAF",
"versionEndIncluding": "1.53"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFC1BA0A-4F44-41CB-BE3D-86585343A996"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42130246-75B1-47A2-B712-1896519E0615"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADB4F6BB-5C75-43FB-AAD6-948A499BE9D5"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93379312-B9F0-4CD6-8E75-6D21EDBA1494"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17A34AB1-C2CC-46B4-BD0A-847341D38412"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C80B65A-FA53-4ACA-A1F6-61FAABA803F0"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A28330AB-CC93-460D-B984-1D0F77BB2545"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C68E121B-9509-46D8-A6B1-B38AA5BADA58"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2BDADED-2AE4-4833-8B72-033C2C09783E"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D7FF31F-0A0F-4925-9633-90E3E96EEC00"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BC0D710-CDBF-45C3-AE8D-48E360A3B03E"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B62C0E6E-F258-4E78-A37B-0AF45B73D239"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6792C3D-80B6-40D4-B004-BF79A306BFBC"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "636C17AE-0147-4E82-843C-2974A0EF39C4"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0FC4FDC-92DE-45C9-8027-B6C69A02DEB9"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E470E8EB-A2D7-4986-8F68-D35FD4545BAC"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7AD55CE-BE53-40B8-B3D9-31767D4B336E"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E91FAD18-0CA2-4B57-A879-870BBFD07A03"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07CB2DDF-2FD1-4715-8AEB-4E909012E193"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "118D6413-7BDE-496A-8161-79C5A65288E8"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03A6F19E-0825-43B4-B890-550EED3FB115"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B73C5933-58A7-4671-B134-DCFAFBA77AEC"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12EC1524-3A67-4154-AAB6-49EC725F132F"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33D3CC94-8466-497F-AEC2-039D4381D1B0"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A56D5604-CBC6-4861-9254-25FC48947EAD"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F200895-2A69-44E4-9B74-63E1412FDD4D"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E2EE14E-147B-4FB2-904B-D0A68DE6F977"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.27:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83B2328A-AB2D-488C-957E-49E44C844F2D"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A550AEFB-C037-4E81-B2B4-1439D25A3C35"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.29:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C503ABFA-363E-4A9A-B972-5FB343A99BD6"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5409FB8-67F2-4D4E-AEA3-C73063076F20"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.31:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB9F89E5-5979-4E33-BD77-96E86CA7FE6B"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.32:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76273F68-0A17-408E-92AF-E7314697A6C3"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.33:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD2EE5D6-2941-46CA-880B-AD0BA83F7D74"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.34:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B7E6CDD-4D4F-465B-867A-D8B39D2785FB"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.35:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "200DD105-C201-4FCA-BA53-4206A1A4832D"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.36:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49FE2921-48B3-4542-8103-9C33FADFEB22"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.37:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4921E1A-FC86-47EC-BDDC-60E502C03B01"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.38:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3739D57-F82D-4A91-8FE6-266ADBF1DE97"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.39:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "796A7271-9C54-4E42-B447-29E4E16D21C2"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3D5A37E-CD16-4247-9312-54B6431869CA"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.41:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB8D20BE-9728-4683-A139-B731BEB58CAB"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06787176-AF45-41D8-B6A6-B38DCCAD223C"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.43:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D5C620E-D15E-4E90-B8D5-C88105676DEA"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.44:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D66176AA-0758-425E-AE20-BCBB6EDD5E27"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.45:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "900F382D-20B0-4346-90AE-CFA44CBC9571"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.46:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63FEEF4B-BE5E-4C82-998A-D3CC50B903A7"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.47:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3DAA19C-49C9-45F8-8341-90FA703B154F"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.48:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74879497-35C7-49C1-A6ED-8A9B759A2FC8"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.49:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBDC2FC4-A7E0-4843-A5E2-E266E66A1F64"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E8C4807-C0A5-437E-A0E2-10A6768918E7"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.51:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "074EB173-1F65-4203-90AA-0164C2C32E56"
},
{
"criteria": "cpe:2.3:a:jenkins-ci:subversion-plugin:1.52:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60F81CAB-203F-4625-833A-46302CBCE2F5"
}
],
"operator": "OR"
}
]
}
]