CVE-2018-1000106

Published: 2018-03-13T13:29Z

Last Modified: 2024-11-21T03:39Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to modify the Gerrit configuration in Jenkins. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt