Security Advisory

CVE-2025-31721

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-02 14:59:50
Last updated 2025-04-02 16:51:08
Assigner jenkins
State PUBLISHED

Description

A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent, gaining access to encrypted secrets in its configuration.