CVE-2024-43045 Information

Description

Jenkins 2.470 and earlier LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint allowing attackers with Overall/Read permission to access other users’ \My Views.

Reference

https://www.jenkins.io/security/advisory/2024-08-07/#SECURITY-3349