CVE-2017-2599 in Jenkinsinfo

Summary

Jenkins before versions 2.44 and 2.32.2 is vulnerable to an insufficient permission check. This allows users with permissions to create new items (e.g. jobs) to overwrite existing items they don't have access to (SECURITY-321).

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsible

Red Hat, Inc.

Reservation

12/01/2016

Disclosure

04/11/2018

Moderation

VulDB entry created

Entries

1: VDB-116083

CPE

ready

CWE

CWE-275 (Confirmed)

CVSS

5.8

EPSS

0.00164

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-2599
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-2599
CVE Details	https://www.cvedetails.com/cve/CVE-2017-2599/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!