{"id":361,"date":"2025-09-28T18:00:11","date_gmt":"2025-09-28T18:00:11","guid":{"rendered":"https:\/\/aldomonges.com\/aldomonges\/?p=361"},"modified":"2025-09-28T18:00:11","modified_gmt":"2025-09-28T18:00:11","slug":"vulnerabilidad-en-productos-jenkins","status":"publish","type":"post","link":"https:\/\/aldomonges.com\/aldomonges\/?p=361","title":{"rendered":"Vulnerabilidad en productos Jenkins"},"content":{"rendered":"<p>Se ha descubierto una vulnerabilidad de severidad alta en productos Jenkins. Un actor malicioso podr\u00eda provocar una denegaci\u00f3n de servicio.<\/p>\n<p><strong>Producto<\/strong><strong>s a<\/strong><strong>fectado<\/strong><strong>s<\/strong><\/p>\n<ul class=\"wp-block-list\">\n<li>Jenkins, versiones 2.523 y anteriores.<\/li>\n<li>Jenkins LTS, versiones 2.516.2 y anteriores.<\/li>\n<\/ul>\n<p><strong>Impacto<\/strong><\/p>\n<p><strong>La vulnerabilidad se ha identificado como:<\/strong><\/p>\n<p><strong>CVE-2025-<\/strong><strong>5115<\/strong><strong>:\u00a0<\/strong>con una puntuaci\u00f3n de 7.7 en CVSS v4.0. Existe una vulnerabilidad de consumo no controlado de recursos en Jetty, el cual es utilizado por Jenkins. Un actor malicioso podr\u00eda provocar una denegaci\u00f3n de servicio.<\/p>\n<p><strong>Recomendaci\u00f3n<\/strong><\/p>\n<p>Actualizar a la \u00faltima versi\u00f3n disponible a trav\u00e9s del sitio web oficial del fabricante.<\/p>\n<p><strong>Referencias<\/strong><\/p>\n<ul class=\"wp-block-list\">\n<li>https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-5115<\/li>\n<li>https:\/\/www.jenkins.io\/security\/advisory\/2025-09-17\/<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Se ha descubierto una vulnerabilidad de severidad alta en productos Jenkins. Un actor malicioso podr\u00eda provocar una denegaci\u00f3n de servicio. Productos afectados Jenkins, versiones 2.523 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":362,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-361","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-seguridad-informatica"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/unaaldia.hispasec.com\/wp-content\/uploads\/2019\/05\/jenkins.png?w=225&ssl=1","_links":{"self":[{"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/posts\/361","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=361"}],"version-history":[{"count":1,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/posts\/361\/revisions"}],"predecessor-version":[{"id":363,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/posts\/361\/revisions\/363"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=\/wp\/v2\/media\/362"}],"wp:attachment":[{"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=361"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=361"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aldomonges.com\/aldomonges\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=361"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}