PT-2018-5267 · Jenkins · Jenkins

Daniel Beck

Publicado

2018-01-24

Atualizado

2022-05-14

CVE-2017-1000503

CVSS v3.1

8.1

Alta

Vetor

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Jenkins versions 2.81 through 2.94

Description A race condition during startup could result in the wrong order of execution of commands during initialization, potentially leading to failure in initializing the setup wizard on the first startup. This issue could cause multiple security-related settings not to be set to their usual strict default.

Recommendations For Jenkins versions 2.81 through 2.94, update to a version outside of this range to ensure proper initialization of security settings.

Correção

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362

Identificadores relacionados

CVE-2017-1000503

GHSA-R5X3-2446-HRP7

Produtos afetados

Jenkins

PT-2018-5267 · Jenkins · Jenkins

CVE-2017-1000503

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6