Jenkins Folder-based Authorization Strategy Plugin 217.vd5b_18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality they're no longer entitled to.
2025-01-22T17:15:14.027
2025-10-03T00:15:30.693
Analyzed
CVSSv3.1: 6.8 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | jenkins | folder-based_authorization_strategy | ≤ 217.vd5b_18537403e | Yes |