Description

In jenkins before versions 2.44, 2.32.2 node monitor data could be viewed by low privilege users via the remote API. These included system configuration and runtime information of these nodes (SECURITY-343).

Remediation

References

CVE-2017-2600

Related Vulnerabilities

Moodle CVE-2024-25979 Vulnerability (CVE-2024-25979)

WordPress Plugin WooCommerce Multiple Vulnerabilities (6.2.0)

WordPress Plugin WP Project Manager-Task, team, and project management featuring kanban board and gantt charts Cross-Site Request Forgery (2.4.0)

WordPress Plugin Listing, Classified Ads & Business Directory-uListing Cross-Site Request Forgery (2.0.8)

WordPress Plugin MDC YouTube Downloader Local File Inclusion (2.1.0)

Severity

Medium

Classification

CVE-2017-2600 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities