vulnerability
Jenkins Advisory 2017-09-27:
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:S/C:C/I:C/A:N) | Nov 13, 2017 | Nov 13, 2017 | Feb 19, 2025 |
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:N)
Published
Nov 13, 2017
Added
Nov 13, 2017
Modified
Feb 19, 2025
Description
Jenkins 2.80 did not correctly initialize the setup wizard on the first startup.
This resulted in the following security settings not being set to the usual strict default:Affected instances need to be configured to restrict access.Jenkins instances upgraded from 2.79 or earlier to 2.80 without completing the setup wizard will no longer show the setup wizard, but are locked and need the initial administrator password to unlock.
Solution
jenkins-upgrade-2_81
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.