Описание
Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library does not implement access control, potentially allowing users to start processes even if they're not allowed to log in.
Ссылки
- Mailing ListThird Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.8.1 (исключая)
cpe:2.3:a:jenkins:wmi_windows_agents:*:*:*:*:*:jenkins:*:*
EPSS
Процентиль: 75%
0.0091
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 4.2
github
больше 3 лет назад
Missing Authorization in Jenkins WMI Windows Agents plugin
EPSS
Процентиль: 75%
0.0091
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-862