Improper Blacklisting Vulnerability in Jenkins by CloudBees
CVE-2017-2602

3.1LOW

Key Information:

Vendor: [unknown]
Status: Jenkins
Vendor: CVE Published:; 15 May 2018

What is CVE-2017-2602?

An improper blacklisting issue exists in Jenkins that affects the agent-to-master security subsystem. Versions before 2.44, including 2.32.2, may allow malicious agents to write unauthorized Pipeline metadata files. This could lead to exposure of sensitive data or manipulation of the build process. It is crucial for users to upgrade to the latest versions to mitigate any potential risks associated with this vulnerability.