Description
The remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener.
Remediation
References
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
https://access.redhat.com/errata/RHSA-2016:0711
http://rhn.redhat.com/errata/RHSA-2016-1773.html
Related Vulnerabilities
CVE-2023-50775 Vulnerability in maven package org.jenkins-ci.plugins:ec2-deployment-dashboard
CVE-2021-28169 Vulnerability in maven package org.eclipse.jetty:jetty-servlets
CVE-2023-30094 Vulnerability in npm package total4
CVE-2023-25753 Vulnerability in maven package org.apache.shenyu:shenyu-common