Pipeline: Classpath Step Jenkins Plugin Vulnerability

CVE-2017-2650 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins.

Learn more about our User Device Pen Test.