CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-2276

Jenkins Selection tasks Plugin 1.0 and earlier executes a user-specified program on the Jenkins controller, allowing attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is running as.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

http://www.openwall.com/lists/oss-security/2020/09/16/3
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1967
http://www.openwall.com/lists/oss-security/2020/09/16/3
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1967

Products affected by CVE-2020-2276

Jenkins » Selection Tasks » Version: N/A

cpe:2.3:a:jenkins:selection_tasks:-
Jenkins » Selection Tasks » Version: 1.0

cpe:2.3:a:jenkins:selection_tasks:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-2276

Products

Pricing

Contact Us