PT-2018-7126 · Jenkins · Jenkins
Taneli Vallo
·
Publicado
2018-04-11
·
Atualizado
2022-11-30
·
CVE-2017-2599
CVSS v2.0
5.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
Jenkins versions prior to 2.44
Jenkins versions prior to 2.32.2
Description:
The issue is related to an insufficient permission check, allowing users with permissions to create new items, such as jobs, to overwrite existing items they do not have access to.
Recommendations:
For versions prior to 2.44, update to version 2.44 or later.
For versions prior to 2.32.2, update to version 2.32.2 or later.
Correção
Incorrect Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Jenkins