CVE-2017-1000084

medium

Published 2017-10-05 · Modified 2024-02-18

CVSS v3

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2

4.0

VIR risk

6.5

Description

Parameterized Trigger Plugin fails to check Item/Build permission

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://jenkins.io/security/advisory/2017-07-10/

Ecosystem	Package	Vulnerable	Fixed
Maven	org.jenkins-ci.plugins:parameterized-trigger	`<2.35.1`	`2.35.1`

Vendor	Product	Versions
jenkins	parameterized_trigger	`1.0`
jenkins	parameterized_trigger	`1.1`
jenkins	parameterized_trigger	`1.2`
jenkins	parameterized_trigger	`1.3`
jenkins	parameterized_trigger	`1.4`
jenkins	parameterized_trigger	`1.5`
jenkins	parameterized_trigger	`1.6`
jenkins	parameterized_trigger	`2.0`
jenkins	parameterized_trigger	`2.1`
jenkins	parameterized_trigger	`2.2`
jenkins	parameterized_trigger	`2.3`
jenkins	parameterized_trigger	`2.4`
jenkins	parameterized_trigger	`2.5`
jenkins	parameterized_trigger	`2.6`
jenkins	parameterized_trigger	`2.7`
jenkins	parameterized_trigger	`2.8`
jenkins	parameterized_trigger	`2.9`
jenkins	parameterized_trigger	`2.10`
jenkins	parameterized_trigger	`2.11`
jenkins	parameterized_trigger	`2.12`
jenkins	parameterized_trigger	`2.13`
jenkins	parameterized_trigger	`2.14`
jenkins	parameterized_trigger	`2.15`
jenkins	parameterized_trigger	`2.16`
jenkins	parameterized_trigger	`2.17`
jenkins	parameterized_trigger	`2.18`
jenkins	parameterized_trigger	`2.19`
jenkins	parameterized_trigger	`2.20`
jenkins	parameterized_trigger	`2.21`
jenkins	parameterized_trigger	`2.22`
jenkins	parameterized_trigger	`2.23`
jenkins	parameterized_trigger	`2.24`
jenkins	parameterized_trigger	`2.25`
jenkins	parameterized_trigger	`2.26`
jenkins	parameterized_trigger	`2.27`
jenkins	parameterized_trigger	`2.28`
jenkins	parameterized_trigger	`2.29`
jenkins	parameterized_trigger	`2.30`
jenkins	parameterized_trigger	`2.31`
jenkins	parameterized_trigger	`2.32`
jenkins	parameterized_trigger	`2.33`
jenkins	parameterized_trigger	`2.34`

CWE-276

Verify integrity in audit chain (admin only). AS-IS.