BIT-JENKINS-2024-43045
Jenkins LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views"...
Improper Access Control
org.jenkins-ci.main, jenkins-core is vulnerable to Improper Access Control. The vulnerability is caused by a missing permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to access other users' "My Views" and attackers with global View/Configure and...
GHSA-8PV9-QH96-9HC6 Jenkins does not perform a permission check in an HTTP endpoint
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to access other users' "My Views". Attackers with global View/Configure and View/Delete permissions are also able to change other users' "...
CVE-2024-43045
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views"...
Jenkins Security Vulnerability
Jenkins is an open source application from the Jenkins project, an open source automation server that provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins 2.470 and earlier and LTS 2.452.3 and earlier, which stems from a failure to...
PT-2024-30269 · Jenkins +1 · Jenkins +1
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.470 and earlier; Jenkins LTS versions 2.452.3 and earlier. Description: The issue arises from a lack of permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views"...