CVE-2017-1000354

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-1000354

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000354.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-1000354

Aliases

GHSA-r57f-7xw3-q2r9

Published

2018-01-29T17:29:00.253Z

Modified

2026-03-14T14:24:47.150614Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to a login command which allowed impersonating any Jenkins user. The login command available in the remoting-based CLI stored the encrypted user name of the successfully authenticated user in a cache file used to authenticate further commands. Users with sufficient permission to create secrets in Jenkins, and download their encrypted values (e.g. with Job/Configure permission), were able to impersonate any other Jenkins user on the same instance.

References

Affected packages

Git / github.com/jenkinsci/jenkins

Affected ranges

Type

GIT

Repo

https://github.com/jenkinsci/jenkins

Events

Introduced

Last affected

200f9e05eb3c3d9a5ea4ef28e2392daa834cef21

Introduced

Last affected

c6a23bdd264dff17b681765b08cf7f439f69d41e

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.56"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.46.1"
        }
    ]
}

Affected versions

1.*

1.324-rc

1.325-rc

1.327-rc

1.328-rc

1.502-rc1

1.580.1-rc1

Other

builds/10

builds/100

builds/101

builds/102

builds/103

builds/104

builds/105

builds/106

builds/107

builds/108

builds/109

builds/11

builds/110

builds/111

builds/112

builds/113

builds/114

builds/115

builds/116

builds/117

builds/118

builds/119

builds/12

builds/120

builds/121

builds/122

builds/123

builds/124

builds/125

builds/126

builds/127

builds/128

builds/13

builds/130

builds/131

builds/132

builds/133

builds/134

builds/135

builds/136

builds/137

builds/138

builds/139

builds/14

builds/140

builds/141

builds/142

builds/143

builds/144

builds/145

builds/146

builds/147

builds/148

builds/149

builds/15

builds/150

builds/151

builds/152

builds/153

builds/154

builds/155

builds/156

builds/157

builds/158

builds/16

builds/160

builds/161

builds/162

builds/163

builds/164

builds/165

builds/166

builds/167

builds/168

builds/169

builds/17

builds/170

builds/171

builds/172

builds/173

builds/174

builds/176

builds/177

builds/178

builds/179

builds/18

builds/180

builds/181

builds/182

builds/183

builds/184

builds/185

builds/186

builds/187

builds/188

builds/189

builds/19

builds/190

builds/191

builds/192

builds/193

builds/194

builds/195

builds/196

builds/197

builds/198

builds/199

builds/2

builds/200

builds/201

builds/202

builds/203

builds/204

builds/205

builds/206

builds/207

builds/209

builds/21

builds/210

builds/211

builds/212

builds/213

builds/214

builds/215

builds/216

builds/217

builds/218

builds/219

builds/22

builds/220

builds/221

builds/222

builds/223

builds/224

builds/225

builds/226

builds/227

builds/228

builds/229

builds/23

builds/230

builds/231

builds/232

builds/233

builds/234

builds/235

builds/236

builds/237

builds/238

builds/239

builds/24

builds/240

builds/241

builds/242

builds/243

builds/244

builds/245

builds/246

builds/247

builds/248

builds/249

builds/250

builds/251

builds/254

builds/255

builds/256

builds/257

builds/258

builds/259

builds/26

builds/260

builds/262

builds/263

builds/264

builds/265

builds/266

builds/267

builds/268

builds/269

builds/27

builds/270

builds/271

builds/272

builds/273

builds/274

builds/275

builds/276

builds/277

builds/278

builds/279

builds/28

builds/280

builds/281

builds/282

builds/283

builds/284

builds/285

builds/286

builds/287

builds/288

builds/29

builds/290

builds/291

builds/292

builds/293

builds/294

builds/295

builds/296

builds/297

builds/298

builds/299

builds/3

builds/30

builds/300

builds/301

builds/302

builds/303

builds/304

builds/305

builds/306

builds/307

builds/308

builds/309

builds/31

builds/310

builds/311

builds/312

builds/313

builds/314

builds/316

builds/317

builds/318

builds/319

builds/32

builds/320

builds/321

builds/322

builds/323

builds/324

builds/325

builds/326

builds/327

builds/328

builds/329

builds/33

builds/330

builds/331

builds/332

builds/333

builds/334

builds/335

builds/336

builds/338

builds/339

builds/34

builds/340

builds/341

builds/342

builds/343

builds/344

builds/345

builds/346

builds/348

builds/35

builds/350

builds/352

builds/353

builds/354

builds/355

builds/356

builds/357

builds/358

builds/359

builds/36

builds/361

builds/362

builds/363

builds/364

builds/365

builds/368

builds/369

builds/37

builds/370

builds/371

builds/372

builds/373

builds/374

builds/375

builds/39

builds/4

builds/40

builds/41

builds/42

builds/43

builds/44

builds/46

builds/47

builds/48

builds/49

builds/5

builds/50

builds/51

builds/52

builds/53

builds/54

builds/55

builds/56

builds/57

builds/58

builds/59

builds/6

builds/60

builds/62

builds/63

builds/64

builds/65

builds/66

builds/67

builds/68

builds/69

builds/7

builds/70

builds/71

builds/72

builds/73

builds/74

builds/75

builds/77

builds/81

builds/82

builds/83

builds/85

builds/86

builds/88

builds/89

builds/9

builds/90

builds/92

builds/93

builds/94

builds/95

builds/96

builds/97

builds/98

builds/99

changes/10

changes/100

changes/101

changes/102

changes/103

changes/104

changes/105

changes/106

changes/107

changes/108

changes/109

changes/11

changes/110

changes/111

changes/112

changes/113

changes/114

changes/115

changes/116

changes/117

changes/118

changes/119

changes/12

changes/120

changes/121

changes/122

changes/123

changes/124

changes/125

changes/126

changes/127

changes/128

changes/13

changes/130

changes/131

changes/132

changes/133

changes/134

changes/135

changes/136

changes/137

changes/138

changes/139

changes/14

changes/140

changes/141

changes/142

changes/143

changes/144

changes/145

changes/146

changes/147

changes/148

changes/149

changes/15

changes/150

changes/151

changes/152

changes/153

changes/154

changes/155

changes/156

changes/157

changes/158

changes/16

changes/160

changes/161

changes/162

changes/163

changes/164

changes/165

changes/166

changes/167

changes/168

changes/169

changes/17

changes/170

changes/171

changes/172

changes/173

changes/174

changes/176

changes/177

changes/178

changes/179

changes/18

changes/180

changes/181

changes/182

changes/183

changes/184

changes/185

changes/186

changes/187

changes/188

changes/189

changes/19

changes/190

changes/191

changes/192

changes/193

changes/194

changes/195

changes/196

changes/197

changes/198

changes/199

changes/2

changes/20

changes/200

changes/201

changes/202

changes/203

changes/204

changes/205

changes/206

changes/207

changes/209

changes/21

changes/210

changes/211

changes/212

changes/213

changes/214

changes/215

changes/216

changes/217

changes/218

changes/219

changes/22

changes/220

changes/221

changes/222

changes/223

changes/224

changes/225

changes/226

changes/227

changes/228

changes/229

changes/23

changes/230

changes/231

changes/232

changes/233

changes/234

changes/235

changes/236

changes/237

changes/238

changes/239

changes/24

changes/240

changes/241

changes/242

changes/243

changes/244

changes/245

changes/246

changes/247

changes/248

changes/249

changes/25

changes/250

changes/251

changes/254

changes/255

changes/256

changes/257

changes/258

changes/259

changes/26

changes/260

changes/262

changes/263

changes/264

changes/265

changes/266

changes/267

changes/268

changes/269

changes/27

changes/270

changes/271

changes/272

changes/273

changes/274

changes/275

changes/276

changes/277

changes/278

changes/279

changes/28

changes/280

changes/281

changes/282

changes/283

changes/284

changes/285

changes/286

changes/287

changes/288

changes/29

changes/290

changes/291

changes/292

changes/293

changes/294

changes/295

changes/296

changes/297

changes/298

changes/299

changes/3

changes/30

changes/300

changes/301

changes/302

changes/303

changes/304

changes/305

changes/306

changes/307

changes/308

changes/309

changes/31

changes/310

changes/311

changes/312

changes/313

changes/314

changes/316

changes/317

changes/318

changes/319

changes/32

changes/320

changes/321

changes/322

changes/323

changes/324

changes/325

changes/326

changes/327

changes/328

changes/329

changes/33

changes/330

changes/331

changes/332

changes/333

changes/334

changes/335

changes/336

changes/338

changes/339

changes/34

changes/340

changes/341

changes/342

changes/343

changes/344

changes/345

changes/346

changes/348

changes/35

changes/350

changes/352

changes/353

changes/354

changes/355

changes/356

changes/357

changes/358

changes/359

changes/36

changes/361

changes/362

changes/363

changes/364

changes/365

changes/368

changes/369

changes/37

changes/370

changes/371

changes/372

changes/373

changes/374

changes/375

changes/39

changes/4

changes/40

changes/41

changes/42

changes/43

changes/44

changes/46

changes/47

changes/48

changes/49

changes/5

changes/50

changes/51

changes/52

changes/53

changes/54

changes/55

changes/56

changes/57

changes/58

changes/59

changes/6

changes/60

changes/61

changes/62

changes/63

changes/64

changes/65

changes/66

changes/67

changes/68

changes/69

changes/7

changes/70

changes/71

changes/72

changes/73

changes/74

changes/75

changes/76

changes/77

changes/79

changes/8

changes/81

changes/82

changes/83

changes/85

changes/86

changes/88

changes/89

changes/9

changes/90

changes/92

changes/93

changes/94

changes/95

changes/96

changes/97

changes/98

changes/99

hudson-1_387

hudson-1_388

hudson-1_389

hudson-1_390

hudson-1_391

hudson-1_392

hudson-1_393

hudson-1_394

hudson-1_395

jenkins-1_396

jenkins-1_397

jenkins-1_398

jenkins-1_399

jenkins-1_400

jenkins-1_401

jenkins-1_402

jenkins-1_403

jenkins-1_404

jenkins-1_405

jenkins-1_406

jenkins-1_407

jenkins-1_408

jenkins-1_409

jenkins-1_410

jenkins-1_411

jenkins-1_412

jenkins-1_413

jenkins-1_414

jenkins-1_415

jenkins-1.*

jenkins-1.416

jenkins-1.417

jenkins-1.418

jenkins-1.419

jenkins-1.420

jenkins-1.421

jenkins-1.422

jenkins-1.423

jenkins-1.424

jenkins-1.425

jenkins-1.426

jenkins-1.427

jenkins-1.428

jenkins-1.429

jenkins-1.430

jenkins-1.431

jenkins-1.432

jenkins-1.433

jenkins-1.434

jenkins-1.435

jenkins-1.436

jenkins-1.437

jenkins-1.438

jenkins-1.439

jenkins-1.440

jenkins-1.441

jenkins-1.442

jenkins-1.443

jenkins-1.444

jenkins-1.445

jenkins-1.446

jenkins-1.447

jenkins-1.448

jenkins-1.449

jenkins-1.450

jenkins-1.451

jenkins-1.452

jenkins-1.453

jenkins-1.454

jenkins-1.455

jenkins-1.456

jenkins-1.457

jenkins-1.458

jenkins-1.459

jenkins-1.460

jenkins-1.461

jenkins-1.462

jenkins-1.463

jenkins-1.464

jenkins-1.465

jenkins-1.466

jenkins-1.467

jenkins-1.468

jenkins-1.469

jenkins-1.470

jenkins-1.471

jenkins-1.472

jenkins-1.473

jenkins-1.474

jenkins-1.475

jenkins-1.477

jenkins-1.478

jenkins-1.479

jenkins-1.480

jenkins-1.481

jenkins-1.482

jenkins-1.483

jenkins-1.484

jenkins-1.485

jenkins-1.486

jenkins-1.487

jenkins-1.488

jenkins-1.489

jenkins-1.490

jenkins-1.491

jenkins-1.492

jenkins-1.493

jenkins-1.494

jenkins-1.495

jenkins-1.496

jenkins-1.497

jenkins-1.498

jenkins-1.499

jenkins-1.500

jenkins-1.501

jenkins-1.502

jenkins-1.503

jenkins-1.504

jenkins-1.505

jenkins-1.506

jenkins-1.507

jenkins-1.508

jenkins-1.509

jenkins-1.510

jenkins-1.511

jenkins-1.512

jenkins-1.513

jenkins-1.514

jenkins-1.515

jenkins-1.516

jenkins-1.517

jenkins-1.518

jenkins-1.519

jenkins-1.520

jenkins-1.521

jenkins-1.522

jenkins-1.523

jenkins-1.524

jenkins-1.525

jenkins-1.526

jenkins-1.527

jenkins-1.528

jenkins-1.529

jenkins-1.530

jenkins-1.531

jenkins-1.532

jenkins-1.533

jenkins-1.534

jenkins-1.535

jenkins-1.536

jenkins-1.537

jenkins-1.538

jenkins-1.539

jenkins-1.540

jenkins-1.541

jenkins-1.542

jenkins-1.543

jenkins-1.544

jenkins-1.545

jenkins-1.546

jenkins-1.547

jenkins-1.548

jenkins-1.549

jenkins-1.550

jenkins-1.551

jenkins-1.552

jenkins-1.553

jenkins-1.554

jenkins-1.555

jenkins-1.556

jenkins-1.557

jenkins-1.558

jenkins-1.559

jenkins-1.560

jenkins-1.561

jenkins-1.562

jenkins-1.563

jenkins-1.564

jenkins-1.565

jenkins-1.566

jenkins-1.567

jenkins-1.568

jenkins-1.569

jenkins-1.570

jenkins-1.571

jenkins-1.572

jenkins-1.573

jenkins-1.574

jenkins-1.575

jenkins-1.576

jenkins-1.577

jenkins-1.578

jenkins-1.579

jenkins-1.580

jenkins-1.580.1

jenkins-1.580.2

jenkins-1.580.3

jenkins-1.580.3-rc1

jenkins-1.581

jenkins-1.582

jenkins-1.583

jenkins-1.584

jenkins-1.585

jenkins-1.586

jenkins-1.587

jenkins-1.588

jenkins-1.589

jenkins-1.590

jenkins-1.591

jenkins-1.592

jenkins-1.593

jenkins-1.594

jenkins-1.595

jenkins-1.596

jenkins-1.596.1

jenkins-1.596.2

jenkins-1.596.2-rc1

jenkins-1.596.3

jenkins-1.597

jenkins-1.598

jenkins-1.599

jenkins-1.600

jenkins-1.601

jenkins-1.602

jenkins-1.604

jenkins-1.605

jenkins-1.606

jenkins-1.607

jenkins-1.608

jenkins-1.609

jenkins-1.609.1

jenkins-1.609.1-rc1

jenkins-1.609.2

jenkins-1.609.2-rc1

jenkins-1.609.3

jenkins-1.610

jenkins-1.611

jenkins-1.612

jenkins-1.613

jenkins-1.614

jenkins-1.615

jenkins-1.616

jenkins-1.617

jenkins-1.618

jenkins-1.619

jenkins-1.620

jenkins-1.621

jenkins-1.622

jenkins-1.623

jenkins-1.624

jenkins-1.625

jenkins-1.625.1

jenkins-1.625.1-rc1

jenkins-1.625.1-rc2

jenkins-1.625.2

jenkins-1.625.2-rc1

jenkins-1.625.3

jenkins-1.625.3-rc1

jenkins-1.625.3-rc2

jenkins-1.626

jenkins-1.627

jenkins-1.628

jenkins-1.629

jenkins-1.630

jenkins-1.631

jenkins-1.632

jenkins-1.633

jenkins-1.634

jenkins-1.635

jenkins-1.636

jenkins-1.637

jenkins-1.638

jenkins-1.639

jenkins-1.640

jenkins-1.641

jenkins-1.642

jenkins-1.642.1

jenkins-1.642.1-rc1

jenkins-1.642.2

jenkins-1.642.2-rc1

jenkins-1.642.3

jenkins-1.643

jenkins-1.644

jenkins-1.645

jenkins-1.646

jenkins-1.647

jenkins-1.648

jenkins-1.649

jenkins-1.650

jenkins-1.651

jenkins-1.651.1

jenkins-1.651.2

jenkins-1.651.3

jenkins-1.652

jenkins-1.653

jenkins-1.654

jenkins-1.655

jenkins-1.656

jenkins-2.*

jenkins-2.0

jenkins-2.0-alpha-1

jenkins-2.0-alpha-2

jenkins-2.0-alpha-3

jenkins-2.0-alpha-4

jenkins-2.0-beta-1

jenkins-2.0-beta-2

jenkins-2.0-rc-1

jenkins-2.1

jenkins-2.10

jenkins-2.11

jenkins-2.12

jenkins-2.13

jenkins-2.14

jenkins-2.15

jenkins-2.16

jenkins-2.17

jenkins-2.18

jenkins-2.19

jenkins-2.19.1

jenkins-2.19.2

jenkins-2.19.3

jenkins-2.19.4

jenkins-2.2

jenkins-2.20

jenkins-2.21

jenkins-2.22

jenkins-2.23

jenkins-2.24

jenkins-2.25

jenkins-2.26

jenkins-2.27

jenkins-2.28

jenkins-2.29

jenkins-2.3

jenkins-2.30

jenkins-2.31

jenkins-2.32

jenkins-2.32.1

jenkins-2.32.2

jenkins-2.32.3

jenkins-2.33

jenkins-2.34

jenkins-2.35

jenkins-2.36

jenkins-2.37

jenkins-2.38

jenkins-2.39

jenkins-2.4

jenkins-2.40

jenkins-2.41

jenkins-2.42

jenkins-2.43

jenkins-2.44

jenkins-2.45

jenkins-2.46

jenkins-2.46.1

jenkins-2.47

jenkins-2.48

jenkins-2.49

jenkins-2.5

jenkins-2.50

jenkins-2.51

jenkins-2.52

jenkins-2.53

jenkins-2.54

jenkins-2.55

jenkins-2.56

jenkins-2.6

jenkins-2.7

jenkins-2.7.1

jenkins-2.7.2

jenkins-2.7.3

jenkins-2.7.4

jenkins-2.8

jenkins-2.9

prototype-1.*

prototype-1.5.1.1

prototype-1.7

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000354.json"