Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jenkins Missing Authorization Vulnerability - CVE-2024-43045 - Vulnerability Database
Jenkins

Jenkins Missing Authorization Vulnerability - CVE-2024-43045

Medium
Reference: CVE-2024-43045
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-43045
Title: Jenkins Missing Authorization Vulnerability
Overview:

Jenkins 2.470 and earlier LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint allowing attackers with Overall/Read permission to access other users39 quotMy Viewsquot.