Vulnerability: Insufficient Permission Check in Blue Ocean for Access to Archived Artifacts

Vulnerability: Insufficient Permission Check in Blue Ocean for Access to Archived Artifacts

CVE-2017-1000105 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The optional Run/Artifacts permission can be enabled by setting a Java system property. Blue Ocean did not check this permission before providing access to archived artifacts, Item/Read permission was sufficient.

Learn more about our Web Application Penetration Testing UK.