cvelist/2018/1000xxx/CVE-2018-1000106.json

{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-02-26/#SECURITY-403"}]},"description": {"description_data": [{"lang": "eng","value": "An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to modify the Gerrit configuration in Jenkins."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.27.4 and older"}]},"product_name": "Jenkins Gerrit Trigger Plugin"}]},"vendor_name": "Jenkins project"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-02-26","ID": "CVE-2018-1000106","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-285"}]}]}}