CVE-2023-41939

Improper Preservation of Permissions in maven/org.jenkins-ci.plugins/ssh2easy

Identifiers

GHSA-4gh2-m88h-8cj8, CVE-2023-41939

Package Slug

maven/org.jenkins-ci.plugins/ssh2easy

Vulnerability

Improper Preservation of Permissions

Description

Jenkins SSH2 Easy Plugin 1.4 and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality they're no longer entitled to.

Affected Versions

All versions before 1.6

Solution

Upgrade to version 1.6 or above.

Last Modified

2024-01-31

source