CVE-2017-2652
CVE-2017-2652
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 1.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
27 jul 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary shell commands on all connected nodes.
Produtos afetados
Jenkins project · DistFork Jenkins pluginQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →