Security Advisory

CVE-2020-2097

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-01-15 15:15:26

Last updated 2024-08-04 06:54:00

Assigner jenkins

State PUBLISHED

Description

Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins.

← Browse all CVEs View on cve.org ↗