How severe is CVE-2024-47803?

CVE-2024-47803 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2024-47803

Name: jenkins
Author: jenkins

4.3MEDIUM

Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.

Publicado: 10/2/2024Actualizado: 3/19/2025

Descripción

Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.

Análisis IAImpulsado por IA

Productos Afectados

jenkinsjenkins

Referencias

https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3451
Vendor Advisory