Vulnerability: Incorrect Permissions Checks in Pipeline: Nodes and Processes Plugin

Vulnerability: Incorrect Permissions Checks in Pipeline: Nodes and Processes Plugin

CVE-2018-1000015 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:N

On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline `node` blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes plugin 2.17 and earlier.

Learn more about our Web Application Penetration Testing UK.