CVE-2016-3723

medium

Published 2016-05-17 · Modified 2023-11-08

CVSS v3

4.3

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2

4.0

VIR risk

4.3

Description

Exposure of Sensitive Information in Jenkins Core

Exploit likelihood

53%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — https://www.cloudbees.com/jenkins-security-advisory-2016-05-11

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11

Ecosystem	Package	Vulnerable	Fixed
Maven	org.jenkins-ci.main:jenkins-core	`<2.3`	`2.3`

Vendor	Product	Versions
jenkins	jenkins	`{"endIncluding":"2.2"}`
redhat	openshift	`3.1`
redhat	openshift	`3.2`

CWE-200

Verify integrity in audit chain (admin only). AS-IS.