vulnerability
Jenkins Advisory 2017-12-14: CVE-2017-1000503: Random failures to initialize the setup wizard on startup
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | 2018-01-24 | 2018-01-29 | 2018-05-16 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
2018-01-24
Added
2018-01-29
Modified
2018-05-16
Description
A race condition during Jenkins 2.81 through 2.94 (inclusive); 2.89.1 startup could result in the wrong order of execution of commands during initialization. This could in rare cases result in failure to initialize the setup wizard on the first startup. This resulted in multiple security-related settings not being set to their usual strict default.
Solution(s)
jenkins-lts-upgrade-2_81jenkins-lts-upgrade-latestjenkins-upgrade-2_95

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.