CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-1000108

The Pipeline: Input Step Plugin by default allowed users with Item/Read access to a pipeline to interact with the step to provide input. This has been changed, and now requires users to have the Item/Build permission instead.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.6%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2017-1000108

Jenkins » Pipeline-Input-Step » Version: 2.0

cpe:2.3:a:jenkins:pipeline-input-step:2.0
Jenkins » Pipeline-Input-Step » Version: 2.1

cpe:2.3:a:jenkins:pipeline-input-step:2.1
Jenkins » Pipeline-Input-Step » Version: 2.2

cpe:2.3:a:jenkins:pipeline-input-step:2.2
Jenkins » Pipeline-Input-Step » Version: 2.3

cpe:2.3:a:jenkins:pipeline-input-step:2.3
Jenkins » Pipeline-Input-Step » Version: 2.4

cpe:2.3:a:jenkins:pipeline-input-step:2.4
Jenkins » Pipeline-Input-Step » Version: 2.5

cpe:2.3:a:jenkins:pipeline-input-step:2.5
Jenkins » Pipeline-Input-Step » Version: 2.6

cpe:2.3:a:jenkins:pipeline-input-step:2.6
Jenkins » Pipeline-Input-Step » Version: 2.7

cpe:2.3:a:jenkins:pipeline-input-step:2.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-1000108

Products

Pricing

Contact Us