5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
51.1%
In jenkins before versions 2.44, 2.32.2 node monitor data could be viewed by low privilege users via the remote API. These included system configuration and runtime information of these nodes (SECURITY-343).
www.securityfocus.com/bid/95954
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2600
github.com/jenkinsci/jenkins/commit/0f92cd08a19207de2cceb6a2f4e3e9f92fdc0899
jenkins.io/security/advisory/2017-02-01/