CVE-2017-2604

Medium

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently…

redhat·CWE-358·Published 2018-05-15

CVSS

4.3

EPSS

0.01

KEV

Exploits

cve.orgen

185 chars

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

NVDen

185 chars

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

In Jenkins before versions 2.44 and 2.32.2, low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

GHSAen

189 chars

In Jenkins before versions 2.44 and 2.32.2, low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

NVDes

244 chars

En Jenkins en versiones anteriores a la 2.44 y 2.32.2, los usuarios de privilegios bajos podían realizar acciones en los monitores administrativos debido a que no estaban protegidos de forma consistente por controles de permisos (SECURITY-371).

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.0	8.0	2.9	AV:N/AC:L/Au:S/C:N/I:P/A:N
3.0	Primary	cve.org	4.3	—	—	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3.0	Primary	cve.org	4.3	—	—	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3.0	Primary	NVD	4.3	2.8	1.4	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3.0	Secondary	NVD	4.3	2.8	1.4	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3.1	Secondary	GHSA	4.3	—	—	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N