Security Advisory

CVE-2020-2294

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-10-08 12:40:28

Last updated 2024-08-04 07:01:41

Assigner jenkins

State PUBLISHED

Description

Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin.

← Browse all CVEs View on cve.org ↗