Security Policy EOL/Obsolete Software: Jenkins 1.x Detected

漏洞类别:Security Policy

漏洞等级:

漏洞信息

Jenkins is an open source automation server written in Java.

Support for Jenkins 1.x ended on 2016-07-07. No further bug fixes, enhancements, security updates or technical support is available for this version.

QID Detection Logic:
This unauthenticated QID sends a probe packet to UDP port 33848, extract Jenkins version from the reply.

漏洞危害

The system is at high risk of being exposed to security vulnerabilities. Because the vendor no longer provides updates, obsolete software is more vulnerable to viruses and other attacks.

解决方案

Upgrade to Jenkins 2 or later.

Leave a Reply