Lucene search
Veracode Vulnerability DatabaseVERACODE:3705HistoryMar 21, 2017 - 5:57 a.m.
Arbitrary Code Execution Via Bypassing Permission Check
2017-03-2105:57:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
43.6%
distfork is vulnerable to arbitrary code execution via bypassing permission check. The bypass is possible because it only performs basic permission (overall/read) checks and allows anyone with that permission to execute arbitrary shell commands on all connected nodes.
| CPE | Name | Operator | Version |
|---|---|---|---|
| hudson distributed fork plugin | le | 1.1 |
Related
cve
cve
CVE-2017-2652
2018-07-27 20:29:00
github
github
Missing permission checks in Jenkins Distributed Fork Plugin
2022-05-13 01:36:51
prion
prion
Command injection
2018-07-27 20:29:00
cvelist
cvelist
CVE-2017-2652
2017-03-20 00:00:00
osv
osv
Missing permission checks in Jenkins Distributed Fork Plugin
2022-05-13 01:36:51
nvd
nvd
CVE-2017-2652
2018-07-27 20:29:00