An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 3.1 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NJenkins Role Based Authorization Strategy
APPJenkins≤ 3.1
Powiązane podatności
Jenkins Role-based Authorization Strategy Plugin 587.v2872c41fa_e51 and earlier grants permissions even after ...
Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cac...
Role-based Authorization Strategy Plugin was not requiring requests to its API be sent via POST, thereby openi...
Jenkins CLI – odczyt dowolnych plików przez path traversal bez uwierzytelnienia
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/...