Jenkins Project Jenkins Role-Based Authorization Strategy Plugin vulnerabilities
3 known vulnerabilities affecting jenkins_project/jenkins_role-based_authorization_strategy_plugin.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-28668CRITICALCVSS 9.8≤ 587.v2872c41fa_e512023-04-02
CVE-2023-28668 [CRITICAL] CWE-281 CVE-2023-28668: Jenkins Role-based Authorization Strategy Plugin 587.v2872c41fa_e51 and earlier grants permissions e
Jenkins Role-based Authorization Strategy Plugin 587.v2872c41fa_e51 and earlier grants permissions even after they've been disabled.
cvelistv5nvd
CVE-2021-21624MEDIUMCVSS 4.3≥ unspecified, ≤ 3.12021-03-18
CVE-2021-21624 [MEDIUM] CWE-863 CVE-2021-21624: An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 3.1 and earlier al
An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 3.1 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders.
cvelistv5nvd
CVE-2020-2286HIGHCVSS 8.8≥ 2.12, < unspecified≥ unspecified, ≤ 3.02020-10-08
CVE-2020-2286 [HIGH] CVE-2020-2286: Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a perm
Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed, resulting in permissions being granted based on an outdated configuration.
cvelistv5nvd