CVE-2014-3662

Published: Oct 16, 2014
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2014-3662" target="_blank" rel="noopener"> CVE-2014-3662
GHSA: <a href="https://github.com/advisories/GHSA-fxqr-px2m-fvc2" target="_blank" rel="noopener"> GHSA-fxqr-px2m-fvc2
Severity: Medium
Exploit:

Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.

CVSS v2:

CWEs:

Software	From	Fixed in
jenkins / jenkins	-	1.582.x
redhat / openshift	-	3.1.x
jenkins / jenkins	-	1.565.2.x
org.jenkins-ci.main / jenkins-core	1.566	1.583
org.jenkins-ci.main / jenkins-core	-	1.565.3