Home

CVE-2017-1000243

Description

Jenkins Favorite Plugin 2.1.4 and older does not perform permission checks when changing favorite status, allowing any user to set any other users favorites

Risk Information

Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.031

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2017-1000243 are fixed in Jvnet - favorite 2.3.0Windows
Vulnerabilities CVE-2017-1000243 are fixed in Jvnet - favorite for Linux 2.3.0Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234