Jenkins Speaks! Plugin Privilege Escalation Vulnerability

Jenkins Speaks! Plugin Privilege Escalation Vulnerability

CVE-2017-1000403 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts.

Learn more about our User Device Pen Test.