VDB

CVE-2025-31720

CVE-2025-31720 PUBLISHED

A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration.

EPSS 0.09% · 26.1th percentile

Risk Scores

EPSS Score
0.09%
26.1th percentile

Affected Products

VendorProductVersions
Bitnamijenkins0, 2.493.0
Bitnamijenkins0, 2.493.0

Timeline

  • CVE Published
  • Apr 2, 2025 Coalition ESS Score
  • Apr 2, 2025 Coalition ESS Score
  • Apr 3, 2025 EPSS Score
  • Apr 16, 2025 EPSS Score
  • Apr 29, 2025 EPSS Score
  • May 11, 2025 EPSS Score
  • May 22, 2025 Coalition ESS Score
  • May 24, 2025 EPSS Score
  • Jun 6, 2025 EPSS Score
  • Jun 19, 2025 EPSS Score
  • Jul 2, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›