CVE-2017-2604

Опубликовано: 01 фев. 2017

Источник: redhat

CVSS3: 4.3

Описание

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat OpenShift Enterprise 2	jenkins	Under investigation
Red Hat OpenShift Enterprise 3	jenkins	Under investigation

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-358

https://bugzilla.redhat.com/show_bug.cgi?id=1418714jenkins: Low privilege users were able to act on administrative monitors (SECURITY-371)

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2017-2604

CVSS3: 4.3

ubuntu

больше 7 лет назад

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371). All administrative monitors now require the user accessing them to be an administrator.

CVE-2017-2604

CVSS3: 4.3

nvd

больше 7 лет назад

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

CVE-2017-2604

CVSS3: 4.3

debian

больше 7 лет назад

In Jenkins before versions 2.44, 2.32.2 low privilege users were able ...

GHSA-m93h-5qmx-pphg

CVSS3: 4.3

github

больше 3 лет назад

Improper Authentication in Jenkins

4.3 Medium

CVSS3