CVE-2017-1000403

Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts.
References
Link Resource
https://jenkins.io/security/advisory/2017-10-11/ Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:speaks\!:*:*:*:*:*:jenkins:*:*

Information

Published : 2018-01-25 18:29

Updated : 2019-10-02 17:03


NVD link : CVE-2017-1000403

Mitre link : CVE-2017-1000403


JSON object : View

CWE
CWE-732

Incorrect Permission Assignment for Critical Resource

Advertisement

dedicated server usa

Products Affected

jenkins

  • speaks\!