exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2024-47804

9 месяцев назад

If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction.

CVSS3: 5.3

EPSS: Низкий

CVE-2024-47804

9 месяцев назад

If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction.

CVSS3: 4.3

EPSS: Низкий

CVE-2024-47804

9 месяцев назад

If an attempt is made to create an item of a type prohibited by `ACL#h ...

CVSS3: 4.3

EPSS: Низкий

GHSA-f9qj-77q2-h5c5

9 месяцев назад

Jenkins item creation restriction bypass vulnerability

CVSS3: 4.3

EPSS: Низкий

BDU:2024-08496

9 месяцев назад

Уязвимость сервера автоматизации Jenkins, связанная с недостатками контроля доступа, позволяющая нарушителю обойти ограничения и создать временный элемент

CVSS3: 4.3

EPSS: Низкий

ROS-20241015-08

8 месяцев назад

Множественные уязвимости jenkins

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-47804 If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction.	CVSS3: 5.3	0% Низкий	9 месяцев назад
CVE-2024-47804 If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction.	CVSS3: 4.3	0% Низкий	9 месяцев назад
CVE-2024-47804 If an attempt is made to create an item of a type prohibited by `ACL#h ...	CVSS3: 4.3	0% Низкий	9 месяцев назад
GHSA-f9qj-77q2-h5c5 Jenkins item creation restriction bypass vulnerability	CVSS3: 4.3	0% Низкий	9 месяцев назад
BDU:2024-08496 Уязвимость сервера автоматизации Jenkins, связанная с недостатками контроля доступа, позволяющая нарушителю обойти ограничения и создать временный элемент	CVSS3: 4.3	0% Низкий	9 месяцев назад
ROS-20241015-08 Множественные уязвимости jenkins	CVSS3: 4.3		8 месяцев назад

Уязвимостей на страницу