Description

Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing attackers with Item/Build permission to restart a previous build whose (Jenkinsfile) script is no longer approved.

INFO

Published Date :

2024-11-13T20:53:01.666Z

Last Modified :

2024-11-14T15:05:27.789Z

Source :

jenkins
AFFECTED PRODUCTS

The following products are affected by CVE-2024-52551 vulnerability.

Vendors Products
Jenkins
  • Pipeline\
Jenkins Project
  • Jenkins Pipeline Declaratrive Plugin
Redhat
  • Ocp Tools
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-52551.

URL Resource
https://nvd.nist.gov/vuln/detail/CVE-2024-52551 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-52551 cve-icon
https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3361 cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact