CVE-2021-21671

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.

Reference Links(if available):

  • https://www.jenkins.io/security/advisory/2021-06-30/#SECURITY-2371
  • http://www.openwall.com/lists/oss-security/2021/06/30/1
  • CVSS Score (if available)

    v2: / HIGH

    v3: /

    Links to Exploits(if available)

  • Available for Amazon Prime