CVE-2023-41939

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 6, 2023

Updated: Sep 11, 2023

CWE ID 281

Summary

CVE-2023-41939 is a vulnerability affecting the Jenkins SSH2 Easy Plugin version 1.4 and older. This issue permits users, who were previously granted optional permissions, to access functionality they no longer should have. The plugin fails to verify if the permissions enabled correspond to the configured permissions, leading to a potential security risk. Jenkins users are advised to update the plugin to the latest version to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/skiZjC
https://www.cve.org/CVERecord?id=CVE-2023-41939
https://nvd.nist.gov/vuln/detail/CVE-2023-41939

Back to Vulnerability Database

CVE-2023-41939

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations