Vulnerability
The default configuration of the Jenkins dashboard does not need a user to authenticate to his or her dashboard in order to access the script console. It’s feasible to get a remote shell and run system commands.
Mitigation / Precaution
Do not allow an unauthenticated user access to the script console.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
