CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2015-5317

criticalknown exploitedcovered by 1 sourcefirst seen 2023-05-12
Actively exploited. CVE-2015-5317 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2023-05-12) — exploitation has been observed in the wild, and US federal agencies are required to remediate it under BOD 22-01. Treat patching as urgent.
Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the "Fingerprints" pages.

CSIRTS triage

What
There is an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them.
Who is affected
Users of Jenkins UI are affected.
Urgency
Remediation is urgent due to the critical severity and confirmed exploitation.
Action
Users should update to the latest version of Jenkins.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2015-5317

Get an email if CVE-2015-5317 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2015-5317

CVE.org record

CISA KEV catalog

Embed the live status

CVE-2015-5317 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2015-5317 status](https://www.csirts.com/badge/CVE-2015-5317)](https://www.csirts.com/cve/CVE-2015-5317)