Cloudbees · Jenkins · CVE-2017-2603
Name of the Vulnerable Software and Affected Versions:
Jenkins versions prior to 2.44
Jenkins versions prior to 2.32.2
Description:
The issue concerns a user data leak in disconnected agents' config.xml API, potentially exposing sensitive data such as API tokens.
Recommendations:
For versions prior to 2.44, update to version 2.44 or later.
For versions prior to 2.32.2, update to version 2.32.2 or later.