Security Advisory

CVE-2020-2254

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-16 13:20:39

Last updated 2024-08-04 07:01:41

Assigner jenkins

State PUBLISHED

Description

Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag that, when enabled, allows an attacker with Job/Configure or Job/Create permission to read arbitrary files on the Jenkins controller file system.

← Browse all CVEs View on cve.org ↗