{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T04:46:03.692","vulnerabilities":[{"cve":{"id":"CVE-2019-10384","sourceIdentifier":"jenkinsci-cert@googlegroups.com","published":"2019-08-28T16:15:10.983","lastModified":"2024-11-21T04:19:01.147","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed users to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass CSRF protection for the anonymous user."},{"lang":"es","value":"Jenkins 2.191 y anteriores, LTS 2.176.2 y anteriores permitieron a los usuarios obtener tokens CSRF sin un ID de sesión web asociado, lo que resultó en tokens CSRF que no caducaron y podrían usarse para omitir la protección CSRF para el usuario anónimo."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","versionEndIncluding":"2.176.2","matchCriteriaId":"B5A98920-1597-4C3B-8162-3EDAA7CE1AB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","versionEndIncluding":"2.191","matchCriteriaId":"EEC2A042-2405-4AA6-910F-3ACBC06F2EAC"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*","matchCriteriaId":"A4CA84D6-F312-4C29-A02B-050FCB7A902B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*","matchCriteriaId":"2F87326E-0B56-4356-A889-73D026DB1D4B"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*","matchCriteriaId":"064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2019/08/28/4","source":"jenkinsci-cert@googlegroups.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:2789","source":"jenkinsci-cert@googlegroups.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3144","source":"jenkinsci-cert@googlegroups.com","tags":["Third Party Advisory"]},{"url":"https://jenkins.io/security/advisory/2019-08-28/#SECURITY-1491","source":"jenkinsci-cert@googlegroups.com","tags":["Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"jenkinsci-cert@googlegroups.com","tags":["Patch","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2019/08/28/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:2789","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3144","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://jenkins.io/security/advisory/2019-08-28/#SECURITY-1491","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}