PT-2018-7138 · Jenkins · Jenkins

Publicado

2018-05-15

Atualizado

2022-05-13

CVE-2017-2612

CVSS v2.0

5.5

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 2.44 Jenkins versions prior to 2.32.2

Description: The issue allows low privilege users to override JDK download credentials, which may cause future builds to fail when downloading a JDK.

Recommendations: For versions prior to 2.44, update to version 2.44 or later. For versions prior to 2.32.2, update to version 2.32.2 or later.

Correção

Improperly Implemented Security Check for Standard

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2017-2612

GHSA-WF9G-RH76-6JVR

Jenkins