Description
A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3083
Related Vulnerabilities
CVE-2023-24437 Vulnerability in maven package org.jenkins-ci.plugins:jira-steps
CVE-2022-33140 Vulnerability in maven package org.apache.nifi.registry:nifi-registry-framework
CVE-2011-5064 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2020-1933 Vulnerability in maven package org.apache.nifi:nifi-web-api
CVE-2021-27578 Vulnerability in maven package org.apache.zeppelin:zeppelin