CVE-2017-1000503

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-1000503
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-1000503.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-1000503
Aliases
Published
2018-01-24T23:29:00Z
Modified
2024-10-12T02:25:43.250878Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A race condition during Jenkins 2.81 through 2.94 (inclusive); 2.89.1 startup could result in the wrong order of execution of commands during initialization. This could in rare cases result in failure to initialize the setup wizard on the first startup. This resulted in multiple security-related settings not being set to their usual strict default.

References

Affected packages

Git / github.com/jenkinsci/jenkins

Affected ranges

Type
GIT
Repo
https://github.com/jenkinsci/jenkins
Events

Affected versions

jenkins-2.*

jenkins-2.46.2
jenkins-2.46.3
jenkins-2.60.1
jenkins-2.60.2
jenkins-2.60.3
jenkins-2.73.1
jenkins-2.73.2
jenkins-2.81
jenkins-2.82
jenkins-2.83
jenkins-2.84
jenkins-2.85
jenkins-2.86
jenkins-2.87
jenkins-2.88
jenkins-2.89
jenkins-2.89.1