CVE-2024-52550
8
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Jenkins Project | Jenkins Pipeline: Groovy Plugin | 0 <= 3975.v567e2a_1ffa_22 | affected |
| Jenkins Project | Jenkins Pipeline: Groovy Plugin | 3990.vd281dd77a_388 | affected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.