Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2018-1000114

Date: March 13, 2018

An improper authorization vulnerability exists in Jenkins Promoted Builds Plugin 2.31.1 and earlier in Status.java and ManualCondition.java that allow an attacker with read access to jobs to perform promotions.

Language: Java

Severity Score

Related Resources (3)

https://nvd.nist.gov/vuln/detail/CVE-2018-1000114
https://jenkins.io/security/advisory/2018-02-26/#SECURITY-746
https://www.mend.io/vulnerability-database/CVE-2018-1000114

Severity Score

Weakness Type (CWE)

Improper Authorization

CWE-285

Incorrect Authorization

CWE-863

CVSS v3

Base Score:
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C): LOW
Integrity (I): NONE
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us