Skip to main content

Matrix Authorization Strategy

2 CVEs product

Monthly

CVE-2021-21623 Maven MEDIUM PATCH This Month

An incorrect permission check in Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Matrix Authorization Strategy
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-2226 Maven MEDIUM PATCH This Month

Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does not escape user names shown in the configuration, resulting in a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Matrix Authorization Strategy
NVD
CVSS 3.1
5.4
EPSS
0.9%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An incorrect permission check in Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Matrix Authorization Strategy
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does not escape user names shown in the configuration, resulting in a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Matrix Authorization Strategy
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy