Vulnerability detail

Enriched intelligence for a single CVE

7.5

CVSS
High

CVE-2015-5317

PUBLISHED

The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name...

Exploited in the wild Remote Low complexity No user interaction

Vendor: Jenkins
Product: Jenkins
Published: Nov 25, 2015
EPSS: —

Description

The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.

cisa nessus_scanner

CVSS scores

CVSS v3.1 7.5 High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2.0 5.0

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitation status

Exploited in the wild

Recorded 2023-05-12 00:00:00 UTC · Source

SSVC decision points

Exploitation: active
Automatable: Yes
Technical impact: partial

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	May 12, 2023

Scanner integrations

Scanner	Reference	Detected
Nessus	https://www.tenable.com/plugins/nessus/119442	Jun 02, 2025

Timeline

CVE ID Reserved

July 01, 2015
CVE Published to Public

November 25, 2015
Added to KEVIntel

May 12, 2023
Detected by Nessus

June 02, 2025