Jenkins Role-based Authorization Strategy vulnerabilities and exploits
6.8
CVSSv2
CVE-2020-2286
Jenkins Role-based Authorization Strategy Plugin 3.0 and previous versions do not properly invalidate a permission cache when the configuration is changed, resulting in permissions being granted based on an outdated configuration.
Jenkins Role-based Authorization Strategy
6.8
CVSSv2
CVE-2017-1000090
Role-based Authorization Strategy Plugin was not requiring requests to its API be sent via POST, thereby opening itself to Cross-Site Request Forgery attacks. This allowed malicious users to add administrator role to any user, or to remove the authorization configuration, prevent...
Jenkins Role-based Authorization Strategy
4.3
CVSSv2
CVE-2021-21641
A cross-site request forgery (CSRF) vulnerability in Jenkins Promoted Builds Plugin 3.9 and previous versions allows malicious users to promote builds.
Jenkins Promoted Builds
4
CVSSv2
CVE-2021-21624
An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 3.1 and previous versions allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders.
Jenkins Role-based Authorization Strategy
NA
CVE-2023-28668
Jenkins Role-based Authorization Strategy Plugin 587.v2872c41fa_e51 and previous versions grant permissions even after they've been disabled.
Jenkins Role-based Authorization Strategy