CVE-2016-0792

Scores

EPSS

EPSS Score: 0.909 (high)

Percentile: 90.9%

CVSS

Severity: high (CVSS 3.x)

CVSS Score: 8.8/10

All CVSS Scores

CVSS 3.x
8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0
7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Description

Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.

Sources

debian, nvd, redhat

CWEs

CWE-20

Exploits

Exploit ID: 42394

Source: exploitdb

URL: https://www.exploit-db.com/exploits/42394

Exploit ID: 43375

Source: exploitdb

URL: https://www.exploit-db.com/exploits/43375

Exploit ID: CVE-2016-0792

Source: github-poc

URL: https://github.com/Aviksaikat/CVE-2016-0792

Vulnerable Software (39)

Type: Configuration

Product: ImageMagick

Operating System: rhel

Trait:
{  "fixed": "6.7.2.7-5.el6_8"}

Source: redhat

Type: Configuration

Product: activemq

Operating System: rhel

Trait:
{  "fixed": "5.9.0-6.redhat.611463.el6op"}

Source: redhat

Type: Configuration

Product: jenkins

Operating System: rhel

Trait:
{  "fixed": "1.651.2-1.el6op"}

Source: redhat

Type: Configuration

Product: jenkins

Operating System: rhel

Trait:
{  "fixed": "1.642.2-1.el7"}

Source: redhat

Type: Configuration

Product: jenkins

Operating System: debian

Trait:
{  "unfixed": true}

Source: debian

Type: Configuration

Product: jenkins-plugin-credentials

Operating System: rhel

Trait:
{  "fixed": "1.24-2.el7"}

Source: redhat

Type: Configuration

Product: jenkins-plugin-durable-task

Operating System: rhel

Trait:
{  "fixed": "1.7-1.el7"}

Source: redhat

Type: Configuration

Product: jenkins-plugin-kubernetes

Operating System: rhel

Trait:
{  "fixed": "0.5-1.el7"}

Source: redhat

Type: Configuration

Product: jenkins-plugin-openshift-pipeline

Operating System: rhel

Trait:
{  "fixed": "1.0.9-1.el7"}

Source: redhat

Type: Configuration

Product: libcgroup

Operating System: rhel

Trait:
{  "fixed": "0.40.rc1-18.el6_8"}

Source: redhat

Type: Configuration

Product: openshift-origin-broker

Operating System: rhel

Trait:
{  "fixed": "1.16.3.2-1.el6op"}

Source: redhat

Type: Configuration

Product: openshift-origin-broker-util

Operating System: rhel

Trait:
{  "fixed": "1.37.6.2-1.el6op"}

Source: redhat

Type: Configuration

Product: openshift-origin-cartridge-cron

Operating System: rhel

Trait:
{  "fixed": "1.25.4.2-1.el6op"}

Source: redhat

Type: Configuration

Product: openshift-origin-cartridge-diy

Operating System: rhel

Trait:
{  "fixed": "1.26.2.2-1.el6op"}

Source: redhat

Type: Configuration

Product: openshift-origin-cartridge-haproxy

Operating System: rhel

Trait:
{  "fixed": "1.31.6.2-1.el6op"}

Source: redhat

Type: Configuration

Product: openshift-origin-cartridge-jbosseap

Operating System: rhel

Trait:
{  "fixed": "2.27.4.2-1.el6op"}

Source: redhat

Type: Configuration

Product: openshift-origin-cartridge-jbossews

Operating System: rhel

Trait:
{  "fixed": "1.35.5.2-1.el6op"}

Source: redhat

Type: Configuration

Product: openshift-origin-cartridge-jenkins

Operating System: rhel

Trait:
{  "fixed": "1.29.2.2-1.el6op"}

Source: redhat

Type: Configuration

Product: openshift-origin-cartridge-jenkins-client

Operating System: rhel

Trait:
{  "fixed": "1.26.1.1-1.el6op"}

Source: redhat

Type: Configuration

Product: openshift-origin-cartridge-mongodb

Operating System: rhel

Trait:
{  "fixed": "1.26.2.2-1.el6op"}

Source: redhat