CVE-2025-31720

CVE-2025-31720

Name

CVE-2025-31720

Description

A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
vendor-advisory	https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3512

Type

URI

vendor-advisory

https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3512

Match rules

CPE URI	Source package	Min version	Max version
	jenkins	>= 2.492.3	< 2.492.*
	jenkins	>= 2.504	< *
`cpe:2.3:a:jenkins:jenkins:::::lts:::*`	jenkins	>= None	< 2.492.3

CPE URI

Source package

Min version

Max version

jenkins

>= 2.492.3

< 2.492.*

jenkins

>= 2.504

< *

cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*

jenkins

>= None

< 2.492.3

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
jenkins	edge-community	2.479.1-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	edge-community	2.479.1-r1	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	3.22-community	2.479.1-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
jenkins	3.22-community	2.479.1-r1	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

jenkins

edge-community

2.479.1-r0

Francesco Colista <fcolista@alpinelinux.org>

possibly vulnerable

jenkins

edge-community