CVE-2017-2612

Published: May 15, 2018
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2017-2612" target="_blank" rel="noopener"> CVE-2017-2612
GHSA: <a href="https://github.com/advisories/GHSA-wf9g-rh76-6jvr" target="_blank" rel="noopener"> GHSA-wf9g-rh76-6jvr
Severity: Medium
Exploit:

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.

CVSS v3:

CVSS v2:

CWEs: