CVE-2017-2603

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-2603
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-2603.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-2603
Aliases
Published
2018-05-15T21:29:00.290Z
Modified
2026-04-11T04:38:18.487596Z
Severity
  • 3.5 (Low) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak in disconnected agents' config.xml API. This could leak sensitive data such as API tokens (SECURITY-362).

References

Affected packages

Git / github.com/jenkinsci/jenkins

Affected ranges

Type
GIT
Repo
https://github.com/jenkinsci/jenkins
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5828e963ac26f209298c3fdfb7a3a49f2cc401d4
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
4992b15066ecd87428dcd204102f1158bbcc8b3a
Fixed
3cd946cbef82c6da5ccccf3890d0ae4e091c4265
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.44"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "2.32.2"
        }
    ]
}

Affected versions

1.*
1.324-rc
1.325-rc
1.327-rc
1.328-rc
Other
builds/101
builds/102
builds/103
builds/104
builds/105
builds/106
builds/107
builds/108
builds/109
builds/110
builds/112
builds/113
builds/114
builds/115
builds/116
builds/117
builds/118
builds/119
builds/120
builds/121
builds/122
builds/123
builds/124
builds/125
builds/126
builds/127
builds/128
builds/130
builds/131
builds/132
builds/133
builds/134
builds/135
builds/136
builds/137
builds/138
builds/139
builds/140
builds/141
builds/142
builds/143
builds/144
builds/145
builds/146
builds/147
builds/148
builds/149
builds/150
builds/151
builds/152
builds/153
builds/154
builds/155
builds/156
builds/157
builds/158
builds/16
builds/160
builds/161
builds/162
builds/163
builds/164
builds/165
builds/166
builds/168
builds/169
builds/17
builds/170
builds/171
builds/172
builds/173
builds/174
builds/176
builds/177
builds/179
builds/18
builds/180
builds/181
builds/182
builds/183
builds/184
builds/185
builds/186
builds/187
builds/188
builds/189
builds/190
builds/191
builds/192
builds/193
builds/194
builds/195
builds/196
builds/197
builds/198
builds/199
builds/2
builds/200
builds/201
builds/202
builds/203
builds/204
builds/205
builds/206
builds/207
builds/209
builds/21
builds/210
builds/211
builds/212
builds/213
builds/214
builds/215
builds/216
builds/217
builds/218
builds/219
builds/22
builds/220
builds/221
builds/222
builds/223
builds/224
builds/225
builds/227
builds/228
builds/229
builds/23
builds/230
builds/231
builds/232
builds/233
builds/234
builds/235
builds/236
builds/237
builds/238
builds/239
builds/24
builds/240
builds/241
builds/242
builds/243
builds/244
builds/245
builds/247
builds/248
builds/249
builds/250
builds/251
builds/254
builds/255
builds/256
builds/257
builds/258
builds/259
builds/26
builds/260
builds/262
builds/264
builds/265
builds/266
builds/267
builds/268
builds/269
builds/27
builds/270
builds/271
builds/272
builds/273
builds/274
builds/275
builds/276
builds/277
builds/278
builds/279
builds/28
builds/280
builds/281
builds/282
builds/284
builds/285
builds/286
builds/287
builds/288
builds/29
builds/290
builds/291
builds/293
builds/294
builds/295
builds/296
builds/297
builds/298
builds/299
builds/30
builds/300
builds/301
builds/302
builds/303
builds/304
builds/305
builds/306
builds/31
builds/32
builds/33
builds/338
builds/339
builds/34
builds/340
builds/341
builds/342
builds/343
builds/344
builds/345
builds/346
builds/348
builds/35
builds/350
builds/352
builds/353
builds/355
builds/356
builds/357
builds/358
builds/359
builds/36
builds/361
builds/363
builds/37
builds/370
builds/371
builds/372
builds/39
builds/40
builds/41
builds/42
builds/43
builds/44
builds/46
builds/47
builds/48
builds/49
builds/50
builds/51
builds/52
builds/53
builds/54
builds/55
builds/56
builds/77
builds/81
builds/82
builds/83
builds/85
builds/86
builds/89
builds/90
builds/92
builds/93
builds/94
changes/101
changes/102
changes/103
changes/104
changes/105
changes/106
changes/107
changes/108
changes/109
changes/110
changes/113
changes/114
changes/115
changes/116
changes/117
changes/118
changes/119
changes/120
changes/121
changes/122
changes/123
changes/124
changes/125
changes/126
changes/127
changes/128
changes/130
changes/131
changes/132
changes/133
changes/134
changes/135
changes/136
changes/137
changes/138
changes/139
changes/140
changes/141
changes/142
changes/143
changes/144
changes/145
changes/146
changes/147
changes/148
changes/149
changes/150
changes/151
changes/152
changes/153
changes/154
changes/155
changes/156
changes/157
changes/158
changes/16
changes/161
changes/162
changes/163
changes/164
changes/165
changes/166
changes/169
changes/17
changes/170
changes/171
changes/172
changes/173
changes/174
changes/176
changes/177
changes/179
changes/18
changes/180
changes/181
changes/182
changes/183
changes/184
changes/185
changes/186
changes/187
changes/188
changes/189
changes/190
changes/191
changes/192
changes/193
changes/194
changes/195
changes/196
changes/197
changes/198
changes/199
changes/2
changes/20
changes/200
changes/201
changes/202
changes/203
changes/204
changes/205
changes/206
changes/207
changes/209
changes/21
changes/210
changes/211
changes/212
changes/213
changes/214
changes/215
changes/216
changes/217
changes/218
changes/22
changes/220
changes/221
changes/222
changes/223
changes/224
changes/225
changes/228
changes/229
changes/23
changes/230
changes/231
changes/232
changes/233
changes/234
changes/235
changes/236
changes/237
changes/238
changes/239
changes/24
changes/240
changes/241
changes/242
changes/243
changes/244
changes/245
changes/248
changes/249
changes/250
changes/251
changes/255
changes/256
changes/257
changes/258
changes/259
changes/262
changes/265
changes/266
changes/267
changes/268
changes/269
changes/27
changes/270
changes/271
changes/272
changes/273
changes/274
changes/275
changes/276
changes/277
changes/278
changes/279
changes/28
changes/280
changes/281
changes/282
changes/284
changes/286
changes/287
changes/288
changes/29
changes/290
changes/291
changes/293
changes/294
changes/295
changes/296
changes/297
changes/298
changes/299
changes/30
changes/300
changes/301
changes/302
changes/303
changes/304
changes/305
changes/306
changes/31
changes/32
changes/338
changes/339
changes/34
changes/340
changes/342
changes/343
changes/344
changes/345
changes/346
changes/348
changes/35
changes/350
changes/352
changes/353
changes/356
changes/357
changes/358
changes/36
changes/361
changes/363
changes/37
changes/370
changes/371
changes/372
changes/39
changes/40
changes/41
changes/42
changes/43
changes/44
changes/46
changes/47
changes/48
changes/49
changes/50
changes/51
changes/52
changes/53
changes/54
changes/55
changes/56
changes/76
changes/77
changes/79
changes/81
changes/82
changes/83
changes/85
changes/86
changes/89
changes/90
changes/92
changes/93
changes/94
jenkins-1.*
jenkins-1.604
jenkins-1.605
jenkins-1.606
jenkins-1.607
jenkins-1.608
jenkins-1.609
jenkins-1.610
jenkins-1.614
jenkins-1.615
jenkins-1.616
jenkins-1.617
jenkins-1.618
jenkins-1.619
jenkins-1.620
jenkins-1.621
jenkins-1.622
jenkins-1.623
jenkins-1.624
jenkins-1.625
jenkins-1.625.1-rc1
jenkins-1.625.1-rc2
jenkins-1.625.2
jenkins-1.625.3
jenkins-1.625.3-rc1
jenkins-1.626
jenkins-1.627
jenkins-1.628
jenkins-1.638
jenkins-1.639
jenkins-1.640
jenkins-1.641
jenkins-1.642
jenkins-1.643
jenkins-1.644
jenkins-1.645
jenkins-1.646
jenkins-1.647
jenkins-1.648
jenkins-1.649
jenkins-1.650
jenkins-1.651
jenkins-1.652
jenkins-1.653
jenkins-1.654
jenkins-1.655
jenkins-1.656
jenkins-2.*
jenkins-2.10
jenkins-2.11
jenkins-2.12
jenkins-2.13
jenkins-2.14
jenkins-2.15
jenkins-2.16
jenkins-2.17
jenkins-2.18
jenkins-2.19
jenkins-2.20
jenkins-2.21
jenkins-2.22
jenkins-2.23
jenkins-2.24
jenkins-2.25
jenkins-2.26
jenkins-2.27
jenkins-2.28
jenkins-2.29
jenkins-2.3
jenkins-2.30
jenkins-2.31
jenkins-2.32
jenkins-2.33
jenkins-2.34
jenkins-2.35
jenkins-2.36
jenkins-2.37
jenkins-2.4
jenkins-2.5
jenkins-2.6
jenkins-2.7
jenkins-2.8
jenkins-2.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-2603.json"
vanir_signatures 
[
    {
        "digest": {
            "length": 36.0,
            "function_hash": "76629099288347567518753432051593860857"
        },
        "id": "CVE-2017-2603-03ca5dd1",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/jenkinsci/jenkins/commit/3cd946cbef82c6da5ccccf3890d0ae4e091c4265",
        "target": {
            "function": "getUser",
            "file": "core/src/main/java/hudson/slaves/OfflineCause.java"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "56522727859152783531639781949372675745",
                "184007299165278692584093073394882055673",
                "243517436235956686237217398984663615603",
                "314505863619546227549498731803075120360",
                "331340700849567400648169958812947565226",
                "29421732414988803103444547446248193795",
                "32320855019426110679299441253892175700",
                "318698673135737460123865659940453334587",
                "274692892572782511411965042878167634129",
                "27909810364781607669749860802158417533"
            ]
        },
        "id": "CVE-2017-2603-06fe886a",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/jenkinsci/jenkins/commit/3cd946cbef82c6da5ccccf3890d0ae4e091c4265",
        "target": {
            "file": "test/src/test/java/hudson/model/ComputerTest.java"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "209267815402005371089258251661046728896",
                "217208310110894551715789441824756635150",
                "211197759145717785862305730399470279099",
                "161574410476840661379004840072166536738",
                "195283184599700412782972102855802582689",
                "10957944742808860176487524320368341274",
                "293622914662970912390527863985866735898",
                "300629097926095416929127335557716276014",
                "329340579215453295055417281726746428256",
                "315477493128578666057996420340317641218",
                "43367208302886134272076738279180359858",
                "216613994836687540247971290395653893721",
                "41262411693078383157175235821619914522",
                "291573514611363591558944469405679784051",
                "336231031728273654692930107825081988942",
                "104585630029406417145989193405951414052",
                "76211985166668425987161184296927637679",
                "21047985469213967521167784909609988748",
                "302225193224593484032914637929173810215",
                "279143118679006953653117480417624711139"
            ]
        },
        "id": "CVE-2017-2603-ae910e27",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/jenkinsci/jenkins/commit/3cd946cbef82c6da5ccccf3890d0ae4e091c4265",
        "target": {
            "file": "core/src/main/java/hudson/slaves/OfflineCause.java"
        }
    },
    {
        "digest": {
            "length": 230.0,
            "function_hash": "74595542720008577386815475757409678998"
        },
        "id": "CVE-2017-2603-be265637",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/jenkinsci/jenkins/commit/3cd946cbef82c6da5ccccf3890d0ae4e091c4265",
        "target": {
            "function": "UserCause",
            "file": "core/src/main/java/hudson/slaves/OfflineCause.java"
        }
    }
]
vanir_signatures_modified 
"2026-04-11T04:38:18Z"