SecuritySpace - CVE-2017-2611

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2017-2611

Description: Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background processes (that are otherwise performed daily), possibly causing additional load on Jenkins master and agents.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-2611
BugTraq ID: 95956
http://www.securityfocus.com/bid/95956

CVE ID:	CVE-2017-2611
Description:	Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background processes (that are otherwise performed daily), possibly causing additional load on Jenkins master and agents.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2611 BugTraq ID: 95956 http://www.securityfocus.com/bid/95956