CVE-2017-2604

Опубликовано: 15 мая 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4

CVSS3: 4.3

Описание

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371). All administrative monitors now require the user accessing them to be an administrator.

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	DNE	precise was needed
trusty	DNE
trusty/esm	DNE
upstream	released	2.44, 2.32.2
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 25%

0.00087

Низкий

4 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2017-2604

CVSS3: 4.3

redhat

около 9 лет назад

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

CVE-2017-2604

CVSS3: 4.3

nvd

больше 7 лет назад

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

CVE-2017-2604

CVSS3: 4.3

debian

больше 7 лет назад

In Jenkins before versions 2.44, 2.32.2 low privilege users were able ...

GHSA-m93h-5qmx-pphg

CVSS3: 4.3

github

больше 3 лет назад

Improper Authentication in Jenkins

EPSS

Процентиль: 25%

0.00087

Низкий

4 Medium

CVSS2

4.3 Medium

CVSS3

CVE-2017-2604

Описание

Пакет jenkins

Ссылки на источники

Связанные уязвимости