Jenkins, Missing Permission Check, CVE-2025-XXXX (Moderate)

Listen to this Post

The vulnerability, CVE-2025-XXXX, stems from an improper authorization check within the Jenkins web interface. Specifically, the code rendering the authenticated user’s profile dropdown menu fails to verify if the current user possesses the Overall/Read system permission before populating the menu’s options. This menu can contain items that reveal details about the Jenkins instance’s configuration, such as the presence of specific plugins like the Credentials Plugin. An attacker with a low-privilege account, even one explicitly denied the Overall/Read permission, can send a request to load their profile page. The server processes this request and returns the HTML for the dropdown menu without the required permission check, inadvertently leaking information about the system’s setup through the available menu choices, thereby violating intended security controls.
Platform: Jenkins
Version: <2.516.3, 2.517-2.527
Vulnerability: Missing Authorization
Severity: Moderate

date: 2025-09-17

Prediction: Patch available

What Undercode Say:

`curl -s http://jenkins-host/user/username/ | grep -i “dropdown-menu”`

`if (!Jenkins.getInstance().hasPermission(Jenkins.READ)) { return; }`

How Exploit:

Access profile menu.

Observe disclosed plugins.

Enumerate configuration items.

Protection from this CVE

Upgrade to 2.516.3/LTS or 2.528.

Enforce Overall/Read permission.

Review user access levels.

Impact:

Information Disclosure

Configuration Enumeration

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top