Jenkins Folder-based Authorization Strategy Plugin Incorrect Permission Grant Vulnerability

Vulnerability

A vulnerability exists in the Jenkins Folder-based Authorization Strategy Plugin in versions through 217.vd5b_18537403e. The plugin fails to properly verify that granted permissions are enabled, which could allow users who previously had certain permissions, such as Overall/Manage, to access functionalities they are no longer entitled to.

Impact

Exploitation of this vulnerability could lead to unauthorized access to certain functionalities within Jenkins, allowing users to perform actions or access features they should not have rights to.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 1.3
exploitability: 4.9
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.