Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing attackers with Item/Build permission to restart a previous build whose (Jenkinsfile) script is no longer approved.
References
Configurations
No configuration.
History
No history.
Information
Published : 2024-11-13 21:15
Updated : 2024-11-15 14:00
NVD link : CVE-2024-52551
Mitre link : CVE-2024-52551
CVE.ORG link : CVE-2024-52551
JSON object : View
Products Affected
No product.
CWE
CWE-276
Incorrect Default Permissions