CVE-2021-21609
Incorrect Authorization in maven/org.jenkins-ci.main/jenkins-core
Identifiers
CVE-2021-21609
Package Slug
maven/org.jenkins-ci.main/jenkins-core
Vulnerability
Incorrect Authorization
Description
Jenkins does not correctly match requested URLs to the list of always accessible paths, allowing attackers without Overall/Read permission to access some URLs as if they did have Overall/Read permission.
Affected Versions
All versions after 2.263.1 up to 2.274
Solution
Unfortunately, there is no solution available yet.
Last Modified
2021-01-18
| source |