CVE-2023-27902

Improper Access Control in maven/org.jenkins-ci.main/jenkins-core

Identifiers

CVE-2023-27902

Package Slug

maven/org.jenkins-ci.main/jenkins-core

Vulnerability

Improper Access Control

Description

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.

Affected Versions

All versions after 2.375.4 before 2.394

Solution

Upgrade to version 2.394 or above.

Last Modified

2023-03-17

source