CVE-2015-1810 — Jenkins does not Restrict Reserved Names Allowing for Privilege Escalation

Description

The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the "Jenkins' own user database" setting, which allows remote attackers to gain privileges by creating a reserved name.

How to fix CVE-2015-1810

To remediate CVE-2015-1810, upgrade the affected package to a fixed version below.

Maven/org.jenkins-ci.main:jenkins-core—upgrade to 1.600 or later

Is CVE-2015-1810 being exploited?

Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

>= 1.597, < 1.600

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 4.0	—	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N

References (6)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2015-1810
PATCHgithub.com/jenkinsci/jenkins
WEBrhn.redhat.com/errata/RHSA-2015-1844.html
WEBaccess.redhat.com/errata/RHSA-2016:0070
WEBbugzilla.redhat.com