CVE-2017-2604

Опубликовано: 15 мая 2018

Источник: debian

Описание

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jenkins	removed			package

Примечания

https://jenkins.io/security/advisory/2017-02-01/

Связанные уязвимости

CVE-2017-2604

CVSS3: 4.3

ubuntu

больше 7 лет назад

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371). All administrative monitors now require the user accessing them to be an administrator.

CVE-2017-2604

CVSS3: 4.3

redhat

около 9 лет назад

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

CVE-2017-2604

CVSS3: 4.3

nvd

больше 7 лет назад

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

GHSA-m93h-5qmx-pphg

CVSS3: 4.3

github

больше 3 лет назад

Improper Authentication in Jenkins