Arbitrary Code Execution Vulnerability in Jenkins Combination Filter Groovy Script

Arbitrary Code Execution Vulnerability in Jenkins Combination Filter Groovy Script

CVE-2015-1806 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

The combination filter Groovy script in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with job configuration permission to gain privileges and execute arbitrary code on the master via unspecified vectors.

Learn more about our User Device Pen Test.