{"vulnerability": "CVE-2019-1003029", "sightings": [{"uuid": "048fc18a-0b2a-415a-9971-7702dab52f4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "MISP/5ccf3134-ea64-43c1-a356-f9f3950d210f", "content": "", "creation_timestamp": "2019-05-05T19:20:03.000000Z"}, {"uuid": "760d0cc0-a36f-4797-8369-6f417ea75a26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:22.000000Z"}, {"uuid": "f2dc1896-3771-4f60-8619-0b7f482c1a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/36bfc706-1c9e-42f4-86f1-081e72495e13", "content": "", "creation_timestamp": "2026-02-02T12:27:48.970393Z"}, {"uuid": "13dc13e5-1a51-44f6-8db9-f9c00ea4f097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2140", "content": "awesome jenkins rce 2019\nThere is no pre-auth RCE in Jenkins since May 2017, but this is the one!\nIt chains CVE-2018-1000861, CVE-2019-1003005 and CVE-2019-1003029 to a more reliable and elegant pre-auth remote code execution!\nhttps://github.com/orangetw/awesome-jenkins-rce-2019\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-07-31T07:01:12.000000Z"}, {"uuid": "05b42c3d-9a2b-4c55-8114-e2d487a9d149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "published-proof-of-concept", "source": "https://t.me/netrunnerz/438", "content": "Jenkins RCE 2019\nCVE-2018-1000861\nCVE-2019-1003005\nCVE-2019-1003029\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435:\n$ curl -s -I http://jenkins/| grep X-Jenkins\nX-Jenkins: 2.137\nX-Jenkins-Session: 20f72c2e\nX-Jenkins-CLI-Port: 50000\nX-Jenkins-CLI2-Port: 50000\n\n$ python exp.py http://jenkins/ 'curl orange.tw'\n[*] ANONYMOUS_READ disable!\n[*] Bypass with CVE-2018-1000861!\n[*] Exploit success!(it should be :P)\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\nJenkins 2.53\nJenkins 2.122\nJenkins 2.137\nJenkins 2.138 with ANONYMOUS_READ enable\nJenkins 2.152 with ANONYMOUS_READ enable\nJenkins 2.153 with ANONYMOUS_READ enable\nScript Security Plugin 1.43\nScript Security Plugin 1.48", "creation_timestamp": "2023-04-06T10:40:22.000000Z"}, {"uuid": "49d320d7-ba00-434c-87e4-9f641eb43df3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:16.000000Z"}, {"uuid": "5a2da42d-8df2-4077-b31e-4bf2d2af9208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkins_metaprogramming.rb", "content": "", "creation_timestamp": "2019-03-18T12:37:31.000000Z"}, {"uuid": "5a465374-a6f7-4efc-8ec3-5f0fc512df49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "fc9114cb-8244-43f8-8222-e024c9e9f514", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971532", "content": "", "creation_timestamp": "2024-12-24T20:30:45.352017Z"}, {"uuid": "8b2d932e-0c19-4a91-995e-9976ec87e459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/36bfc706-1c9e-42f4-86f1-081e72495e13", "content": "", "creation_timestamp": "2026-02-02T12:27:48.970393Z"}, {"uuid": "94e9b265-682b-483f-a14f-875b1874d505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "Telegram/7IgkG6nnjy1VbiJBgLbZbf_ZL1y9urS3pEDijGmcfdx0iJ4X", "content": "", "creation_timestamp": "2025-02-20T23:26:56.000000Z"}, {"uuid": "64396ca5-bcbc-42ee-8a19-1dfb57911d25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "https://t.me/arpsyndicate/1757", "content": "#ExploitObserverAlert\n\nCVE-2019-1003029\n\nDESCRIPTION: Exploit Observer has 20 entries related to CVE-2019-1003029. A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM.\n\nFIRST-EPSS: 0.011400000\nNVD-IS: 6.0\nNVD-ES: 3.1", "creation_timestamp": "2023-12-11T14:41:23.000000Z"}]}