Carnal0wnage Blog: Jenkins - SECURITY-180/CVE-2015-1814 PoC

Wednesday, February 27, 2019

Jenkins - SECURITY-180/CVE-2015-1814 PoC

Forced API token change

SECURITY-180/CVE-2015-1814

https://jenkins.io/security/advisory/2015-03-23/#security-180cve-2015-1814-forced-api-token-change

Affected Versions

All Jenkins releases <= 1.605
All LTS releases <= 1.596.1

PoC
Tested against Jenkins 1.605

Burp output

Validate new token works

No comments:

Post a Comment