CVE-2012-0324

Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0325.

公開: 2012-03-09 最後更新: 2026-06-16 指派方: [email protected] 來源: [email protected]

結論預警: CVE-2012-0324 綜合評估為低風險(39.9/100):CVSS 技術影響為中級,利用機率(EPSS 1.14%) 強制指令: 持續追蹤利用情報與 EPSS 變化,並適時複評優先級。

風險隨態勢動態變化;本站持續評估並同步更新本頁展示內容。

CVE-2012-0324 的 EPSS(利用預測評分)

EPSS 日更估計相對被利用可能性;百分位表示該 CVE 在已評分漏洞中的相對排名(越高表示相對更嚴重)。

# 日期 舊 EPSS 分數 新 EPSS 分數 變化(新 − 舊)
1 2026-06-15 0.21% 1.14% +0.93%
2 2025-03-30 0.45% 0.21% -0.24%
3 2025-03-29 0.45%

完整 EPSS 歷史 (共 7 筆)

CVE-2012-0324 的 CVSS 指標

該 CVE 的 CVSS 指標。

底座分 版本 嚴重度 向量 可利用性 影響 分數來源
4.3 2.0 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N 點擊展開
存取路徑 (AV:N)
只要路由可達,即可從遠端發動利用。
存取複雜度 (AC:M)
需要若干有利條件,但不必「千年一遇」。
認證 (AU:N)
全程無需有效身分。
機密性影響 (C:N)
對機密性無影響。
完整性影響 (I:P)
完整性受到部分損害。
可用性影響 (A:N)
對可用性無影響。
8.6 2.9 [email protected]

CVE-2012-0324 的弱點列舉

CVE-2012-0324 的 GitHub 安全公告

GHSA-4w4h-8qh9-342x · 嚴重度: low · 生態: maven — Jenkins allows Cross-Site Scripting (XSS)

CVE-2012-0324 的 OS 追蹤

vendor priority summary link
ubuntu medium CVE-2012-0324 medium priority: Ubuntu including 1 source packages (jenkins), 9 status rows across 9 suites (hardy, lucid, maverick, natty, oneiric, precise, quantal, raring, upstream): DNE 4, not-affected 3, ignored 1, released 1. https://ubuntu.com/security/CVE-2012-0324

CVE-2012-0324 的影響軟體 / 設定

廠商 產品 版本 原始 CPE
cloudbees jenkins 1.400 cpe:2.3:a:cloudbees:jenkins:1.400:*:enterprise:*:*:*:*:*
cloudbees jenkins 1.400.0.12 cpe:2.3:a:cloudbees:jenkins:1.400.0.12:*:enterprise:*:*:*:*:*
cloudbees jenkins 1.424 cpe:2.3:a:cloudbees:jenkins:1.424:*:enterprise:*:*:*:*:*
cloudbees jenkins 1.424.5 cpe:2.3:a:cloudbees:jenkins:1.424.5:*:enterprise:*:*:*:*:*
cloudbees jenkins 1.400 cpe:2.3:a:cloudbees:jenkins:1.400:*:lts:*:*:*:*:*
cloudbees jenkins 1.400.0.12 cpe:2.3:a:cloudbees:jenkins:1.400.0.12:*:lts:*:*:*:*:*
cloudbees jenkins <= 1.453 cpe:2.3:a:cloudbees:jenkins:*:*:*:*:*:*:*:*
jenkins jenkins 1.301 cpe:2.3:a:jenkins:jenkins:1.301:*:*:*:*:*:*:*
jenkins jenkins 1.302 cpe:2.3:a:jenkins:jenkins:1.302:*:*:*:*:*:*:*
jenkins jenkins 1.303 cpe:2.3:a:jenkins:jenkins:1.303:*:*:*:*:*:*:*
jenkins jenkins 1.304 cpe:2.3:a:jenkins:jenkins:1.304:*:*:*:*:*:*:*
jenkins jenkins 1.305 cpe:2.3:a:jenkins:jenkins:1.305:*:*:*:*:*:*:*
jenkins jenkins 1.306 cpe:2.3:a:jenkins:jenkins:1.306:*:*:*:*:*:*:*
jenkins jenkins 1.307 cpe:2.3:a:jenkins:jenkins:1.307:*:*:*:*:*:*:*
jenkins jenkins 1.308 cpe:2.3:a:jenkins:jenkins:1.308:*:*:*:*:*:*:*
jenkins jenkins 1.309 cpe:2.3:a:jenkins:jenkins:1.309:*:*:*:*:*:*:*
jenkins jenkins 1.310 cpe:2.3:a:jenkins:jenkins:1.310:*:*:*:*:*:*:*
jenkins jenkins 1.311 cpe:2.3:a:jenkins:jenkins:1.311:*:*:*:*:*:*:*
jenkins jenkins 1.312 cpe:2.3:a:jenkins:jenkins:1.312:*:*:*:*:*:*:*
jenkins jenkins 1.313 cpe:2.3:a:jenkins:jenkins:1.313:*:*:*:*:*:*:*
jenkins jenkins 1.314 cpe:2.3:a:jenkins:jenkins:1.314:*:*:*:*:*:*:*
jenkins jenkins 1.315 cpe:2.3:a:jenkins:jenkins:1.315:*:*:*:*:*:*:*
jenkins jenkins 1.316 cpe:2.3:a:jenkins:jenkins:1.316:*:*:*:*:*:*:*
jenkins jenkins 1.317 cpe:2.3:a:jenkins:jenkins:1.317:*:*:*:*:*:*:*
jenkins jenkins 1.318 cpe:2.3:a:jenkins:jenkins:1.318:*:*:*:*:*:*:*
jenkins jenkins 1.319 cpe:2.3:a:jenkins:jenkins:1.319:*:*:*:*:*:*:*
jenkins jenkins 1.320 cpe:2.3:a:jenkins:jenkins:1.320:*:*:*:*:*:*:*
jenkins jenkins 1.321 cpe:2.3:a:jenkins:jenkins:1.321:*:*:*:*:*:*:*
jenkins jenkins 1.322 cpe:2.3:a:jenkins:jenkins:1.322:*:*:*:*:*:*:*
jenkins jenkins 1.323 cpe:2.3:a:jenkins:jenkins:1.323:*:*:*:*:*:*:*
jenkins jenkins 1.324 cpe:2.3:a:jenkins:jenkins:1.324:*:*:*:*:*:*:*
jenkins jenkins 1.325 cpe:2.3:a:jenkins:jenkins:1.325:*:*:*:*:*:*:*
jenkins jenkins 1.326 cpe:2.3:a:jenkins:jenkins:1.326:*:*:*:*:*:*:*
jenkins jenkins 1.327 cpe:2.3:a:jenkins:jenkins:1.327:*:*:*:*:*:*:*
jenkins jenkins 1.328 cpe:2.3:a:jenkins:jenkins:1.328:*:*:*:*:*:*:*
jenkins jenkins 1.329 cpe:2.3:a:jenkins:jenkins:1.329:*:*:*:*:*:*:*
jenkins jenkins 1.330 cpe:2.3:a:jenkins:jenkins:1.330:*:*:*:*:*:*:*
jenkins jenkins 1.331 cpe:2.3:a:jenkins:jenkins:1.331:*:*:*:*:*:*:*
jenkins jenkins 1.332 cpe:2.3:a:jenkins:jenkins:1.332:*:*:*:*:*:*:*
jenkins jenkins 1.333 cpe:2.3:a:jenkins:jenkins:1.333:*:*:*:*:*:*:*
jenkins jenkins 1.334 cpe:2.3:a:jenkins:jenkins:1.334:*:*:*:*:*:*:*
jenkins jenkins 1.335 cpe:2.3:a:jenkins:jenkins:1.335:*:*:*:*:*:*:*
jenkins jenkins 1.336 cpe:2.3:a:jenkins:jenkins:1.336:*:*:*:*:*:*:*
jenkins jenkins 1.337 cpe:2.3:a:jenkins:jenkins:1.337:*:*:*:*:*:*:*
jenkins jenkins 1.338 cpe:2.3:a:jenkins:jenkins:1.338:*:*:*:*:*:*:*
jenkins jenkins 1.339 cpe:2.3:a:jenkins:jenkins:1.339:*:*:*:*:*:*:*
jenkins jenkins 1.340 cpe:2.3:a:jenkins:jenkins:1.340:*:*:*:*:*:*:*
jenkins jenkins 1.341 cpe:2.3:a:jenkins:jenkins:1.341:*:*:*:*:*:*:*
jenkins jenkins 1.342 cpe:2.3:a:jenkins:jenkins:1.342:*:*:*:*:*:*:*
jenkins jenkins 1.343 cpe:2.3:a:jenkins:jenkins:1.343:*:*:*:*:*:*:*
jenkins jenkins 1.344 cpe:2.3:a:jenkins:jenkins:1.344:*:*:*:*:*:*:*
jenkins jenkins 1.345 cpe:2.3:a:jenkins:jenkins:1.345:*:*:*:*:*:*:*
jenkins jenkins 1.346 cpe:2.3:a:jenkins:jenkins:1.346:*:*:*:*:*:*:*
jenkins jenkins 1.347 cpe:2.3:a:jenkins:jenkins:1.347:*:*:*:*:*:*:*
jenkins jenkins 1.348 cpe:2.3:a:jenkins:jenkins:1.348:*:*:*:*:*:*:*
jenkins jenkins 1.349 cpe:2.3:a:jenkins:jenkins:1.349:*:*:*:*:*:*:*
jenkins jenkins 1.350 cpe:2.3:a:jenkins:jenkins:1.350:*:*:*:*:*:*:*
jenkins jenkins 1.351 cpe:2.3:a:jenkins:jenkins:1.351:*:*:*:*:*:*:*
jenkins jenkins 1.352 cpe:2.3:a:jenkins:jenkins:1.352:*:*:*:*:*:*:*
jenkins jenkins 1.353 cpe:2.3:a:jenkins:jenkins:1.353:*:*:*:*:*:*:*
jenkins jenkins 1.354 cpe:2.3:a:jenkins:jenkins:1.354:*:*:*:*:*:*:*
jenkins jenkins 1.355 cpe:2.3:a:jenkins:jenkins:1.355:*:*:*:*:*:*:*
jenkins jenkins 1.356 cpe:2.3:a:jenkins:jenkins:1.356:*:*:*:*:*:*:*
jenkins jenkins 1.357 cpe:2.3:a:jenkins:jenkins:1.357:*:*:*:*:*:*:*
jenkins jenkins 1.358 cpe:2.3:a:jenkins:jenkins:1.358:*:*:*:*:*:*:*
jenkins jenkins 1.359 cpe:2.3:a:jenkins:jenkins:1.359:*:*:*:*:*:*:*
jenkins jenkins 1.360 cpe:2.3:a:jenkins:jenkins:1.360:*:*:*:*:*:*:*
jenkins jenkins 1.361 cpe:2.3:a:jenkins:jenkins:1.361:*:*:*:*:*:*:*
jenkins jenkins 1.362 cpe:2.3:a:jenkins:jenkins:1.362:*:*:*:*:*:*:*
jenkins jenkins 1.363 cpe:2.3:a:jenkins:jenkins:1.363:*:*:*:*:*:*:*
jenkins jenkins 1.364 cpe:2.3:a:jenkins:jenkins:1.364:*:*:*:*:*:*:*
jenkins jenkins 1.365 cpe:2.3:a:jenkins:jenkins:1.365:*:*:*:*:*:*:*
jenkins jenkins 1.366 cpe:2.3:a:jenkins:jenkins:1.366:*:*:*:*:*:*:*
jenkins jenkins 1.367 cpe:2.3:a:jenkins:jenkins:1.367:*:*:*:*:*:*:*
jenkins jenkins 1.368 cpe:2.3:a:jenkins:jenkins:1.368:*:*:*:*:*:*:*
jenkins jenkins 1.369 cpe:2.3:a:jenkins:jenkins:1.369:*:*:*:*:*:*:*
jenkins jenkins 1.370 cpe:2.3:a:jenkins:jenkins:1.370:*:*:*:*:*:*:*
jenkins jenkins 1.371 cpe:2.3:a:jenkins:jenkins:1.371:*:*:*:*:*:*:*
jenkins jenkins 1.372 cpe:2.3:a:jenkins:jenkins:1.372:*:*:*:*:*:*:*
jenkins jenkins 1.373 cpe:2.3:a:jenkins:jenkins:1.373:*:*:*:*:*:*:*

CVE-2012-0324 的參考連結

cvelogic Threat Intelligence