Vulnerabilities > Jenkins > Distributed Fork > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-27 CVE-2017-2652 Improper Authentication vulnerability in Jenkins Distributed Fork
It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary shell commands on all connected nodes.
network
low complexity
jenkins CWE-287
8.8