CVE-2017-2652

2018-07-27T20:29:00
ID CVE-2017-2652
Type cve
Reporter cve@mitre.org
Modified 2019-10-09T23:27:00

Description

It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary shell commands on all connected nodes.