Git repository access vulnerability in Jenkins Git server Plugin

CVE-2024-34146

Currently unrated 🤨

Key Information

Vendor: Jenkins
Status: Jenkins Git Server Plugin
Vendor: CVE Published:; 2 May 2024

Summary

Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.

Affected Version(s)

Jenkins Git server Plugin <= 114.v068a_c7cc2574

Timeline

Vulnerability published.
May 2, 2024
Vulnerability Reserved.
Apr 30, 2024

Collectors

NVD DatabaseMitre Database