Описание
Improper Authentication in Jenkins
In Jenkins before versions 2.44 and 2.32.2, low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).
Пакеты
org.jenkins-ci.main:jenkins-core
<= 2.32.1
2.32.2
org.jenkins-ci.main:jenkins-core
>= 2.34, <= 2.43
2.44
Связанные уязвимости
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371). All administrative monitors now require the user accessing them to be an administrator.
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).
In Jenkins before versions 2.44, 2.32.2 low privilege users were able ...