vulnerability
Jenkins Advisory 2017-12-14: CVE-2017-1000503: Random failures to initialize the setup wizard on startup
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jan 24, 2018 | Jan 29, 2018 | Aug 11, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jan 24, 2018
Added
Jan 29, 2018
Modified
Aug 11, 2025
Description
A race condition during Jenkins 2.81 through 2.94 (inclusive); 2.89.1 startup could result in the wrong order of execution of commands during initialization. This could in rare cases result in failure to initialize the setup wizard on the first startup. This resulted in multiple security-related settings not being set to their usual strict default.
Solutions
jenkins-lts-upgrade-2_81jenkins-lts-upgrade-latestjenkins-upgrade-2_95
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.