Description
Jenkins Folder-based Authorization Strategy Plugin 217.vd5b_18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality they're no longer entitled to.
References
- Vendor Advisory
Vulnerable configurations
Configuration 1: versions up to and including 217.vd5b_18537403e
cpe:2.3:a:jenkins:folder-based_authorization_strategy:*:*:*:*:*:jenkins:*:*
EPSS: 0.00089 (Low), percentile: 26%
CVSS3: 6.8 Medium
Weaknesses
CWE-863
Related vulnerabilities
CVSS3: 6.8
github
about 1 year ago
Disabled permissions can be granted by Jenkins Folder-based Authorization Strategy Plugin