Описание
Jenkins Git server Plugin does not perform a permission check
Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH.
This allows attackers with a previously configured SSH public key but lacking Overall/Read permission to access Git repositories.
Git server Plugin 117.veb_68868fa_027 requires Overall/Read permission to access Git repositories over SSH.
Пакеты
org.jenkins-ci.plugins:git-server
< 117.veb
117.veb
Связанные уязвимости
Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.
Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.