CVE-2013-0158

Name: CVE-2013-0158
Creator: NVD / NIST
Published: 2013-02-24T22:55:01.253+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.46%

Last modified Jun 16, 2026

CVE-2013-0158 is a vulnerability of currently unknown severity. Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.. EPSS estimates a 2.46% chance of exploitation in the next 30 days.

Description

Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.

Metrics

EPSS Probability

2.46%

82.3th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Cloudbees	Jenkins	<= 1.480.3.1
Jenkins	Jenkins	1.400
Jenkins	Jenkins	1.401
Jenkins	Jenkins	1.402
Jenkins	Jenkins	1.403
Jenkins	Jenkins	1.404
Jenkins	Jenkins	1.405
Jenkins	Jenkins	1.406
Jenkins	Jenkins	1.407
Jenkins	Jenkins	1.408
Jenkins	Jenkins	1.409
Jenkins	Jenkins	1.410
Jenkins	Jenkins	1.411
Jenkins	Jenkins	1.412
Jenkins	Jenkins	1.413
Jenkins	Jenkins	1.414
Jenkins	Jenkins	1.415
Jenkins	Jenkins	1.416
Jenkins	Jenkins	1.417
Jenkins	Jenkins	1.418
Jenkins	Jenkins	1.419
Jenkins	Jenkins	1.420
Jenkins	Jenkins	1.421
Jenkins	Jenkins	1.422
Jenkins	Jenkins	1.423
Jenkins	Jenkins	1.424
Jenkins	Jenkins	1.425
Jenkins	Jenkins	1.426
Jenkins	Jenkins	1.427
Jenkins	Jenkins	1.428
Jenkins	Jenkins	1.429
Jenkins	Jenkins	1.430
Jenkins	Jenkins	1.431
Jenkins	Jenkins	1.432
Jenkins	Jenkins	1.433
Jenkins	Jenkins	1.434
Jenkins	Jenkins	1.435
Jenkins	Jenkins	1.436
Jenkins	Jenkins	1.437
Cloudbees	Jenkins	1.466.1.2
Cloudbees	Jenkins	1.466.2.1
Cloudbees	Jenkins	1.400
Cloudbees	Jenkins	1.424
Cloudbees	Jenkins	1.447
Jenkins	Jenkins	<= 1.466.2
Jenkins	Jenkins	1.409.1
Jenkins	Jenkins	1.409.2
Jenkins	Jenkins	1.409.3
Jenkins	Jenkins	1.424.1
Jenkins	Jenkins	1.424.2

Showing 50 of 60 affected configurations. See NVD for the full list.

References

Timeline

Published: Feb 24, 2013
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-0158?

How severe is CVE-2013-0158?

Severity scoring for CVE-2013-0158 is pending analysis. The EPSS model estimates a 2.46% probability of exploitation in the next 30 days.

How do I fix CVE-2013-0158?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-0158?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST