CVE-2017-2599

CVSS v2.0

5.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 2.44 Jenkins versions prior to 2.32.2

Description: The issue is related to an insufficient permission check, allowing users with permissions to create new items, such as jobs, to overwrite existing items they do not have access to.

Recommendations: For versions prior to 2.44, update to version 2.44 or later. For versions prior to 2.32.2, update to version 2.32.2 or later.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2017-2599

GHSA-7R4H-2H23-6JQ9

Affected Products

Jenkins

CVE-2017-2599

Weakness Enumeration

Related Identifiers

Affected Products

References · 9