Builds in Jenkins are associated with an authentication that controls the permissions that the build has to interact with other elements in Jenkins. The Pipeline: Build Step Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins.
During installation, installed file permissions are set to allow anyone to modify those files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Pipeline:_build_step | Jenkins | * | 2.5 (including) |
Red Hat OpenShift Container Platform 3.6 | RedHat | atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7 | * |
Red Hat OpenShift Container Platform 3.6 | RedHat | fluentd-0:0.12.39-2.el7 | * |
Red Hat OpenShift Container Platform 3.6 | RedHat | jenkins-2-plugins-0:3.7.1502412812-1.el7 | * |
Red Hat OpenShift Container Platform 3.6 | RedHat | kibana-0:4.6.4-3.el7 | * |
Red Hat OpenShift Container Platform 3.6 | RedHat | rubygem-cool.io-0:1.5.1-1.el7 | * |
Red Hat OpenShift Container Platform 3.6 | RedHat | rubygem-excon-0:0.58.0-1.el7 | * |
Red Hat OpenShift Container Platform 3.6 | RedHat | rubygem-faraday-0:0.13.0-1.el7 | * |
Red Hat OpenShift Container Platform 3.6 | RedHat | rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7 | * |
Red Hat OpenShift Container Platform 3.6 | RedHat | rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7 | * |
Red Hat OpenShift Container Platform 3.6 | RedHat | rubygem-i18n-0:0.8.6-1.el7 | * |
Red Hat OpenShift Container Platform 3.6 | RedHat | rubygem-systemd-journal-0:1.3.0-1.el7 | * |