Description
An improper authorization vulnerability exists in Jenkins Promoted Builds Plugin 2.31.1 and earlier in Status.java and ManualCondition.java that allow an attacker with read access to jobs to perform promotions.
Remediation
References
https://jenkins.io/security/advisory/2018-02-26/#SECURITY-746
Related Vulnerabilities
CVE-2023-46589 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2022-34812 Vulnerability in maven package org.jenkins-ci.plugins:xpath-config-viewer
CVE-2023-25164 Vulnerability in npm package @tinacms/cli
CVE-2022-46364 Vulnerability in maven package org.apache.cxf:cxf-core
CVE-2014-3417 Vulnerability in maven package org.jasig.portal:uportal-war