CVE-2023-41939

Name of the Vulnerable Software and Affected Versions Jenkins SSH2 Easy Plugin versions 1.4 and earlier

Description The issue is related to the verification of permissions configured to be granted. It potentially allows users who were formerly granted certain permissions, such as Overall/Manage, to access functionality they are no longer entitled to. This is because the plugin does not verify that these permissions are enabled.

Recommendations For Jenkins SSH2 Easy Plugin versions 1.4 and earlier, consider updating to a version that includes the fix for this issue, as the current version does not properly verify permissions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.