SecuriTricks - CVE-2024-52550

Product(s) Impacted

Jenkins Pipeline: Groovy Plugin

3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3

Description

Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved.

Weaknesses

Date

Published: Nov. 13, 2024, 9:15 p.m.

Last Modified: Nov. 15, 2024, 2 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

jenkinsci-cert@googlegroups.com

CVE-2024-52550

Tags

Product(s) Impacted

Description

Weaknesses

Date

Status : Awaiting Analysis

Source

References

CVE-2024-52550

Tags

Product(s) Impacted

Description

Weaknesses

Date

Status : Awaiting Analysis

Source

References

Share