CVE-2023-41939 Information

Description

Jenkins SSH2 Easy Plugin 1.4 and earlier does not verify that permissions configured to be granted are enabled potentially allowing users formerly granted (typically optional permissions like Overall/Manage) to access functionality they’re no longer entitled to.

Reference

https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3064 http://www.openwall.com/lists/oss-security/2023/09/06/9