Medium severity6.5NVD Advisory· Published Oct 5, 2017· Updated Jun 17, 2026
CVE-2017-1000084
CVE-2017-1000084
Description
Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:parameterized-triggerMaven | < 2.35.1 | 2.35.1 |
Affected products
43cpe:2.3:a:jenkins:parameterized_trigger:1.0:*:*:*:*:jenkins:*:*+ 41 more
- cpe:2.3:a:jenkins:parameterized_trigger:1.0:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:1.1:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:1.2:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:1.3:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:1.4:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:1.5:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:1.6:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.0:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.10:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.11:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.12:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.13:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.14:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.15:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.16:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.17:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.18:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.19:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.1:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.20:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.21:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.22:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.23:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.24:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.25:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.26:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.27:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.28:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.29:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.2:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.30:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.31:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.32:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.33:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.34:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.3:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.4:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.5:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.6:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.7:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.8:*:*:*:*:jenkins:*:*
- cpe:2.3:a:jenkins:parameterized_trigger:2.9:*:*:*:*:jenkins:*:*
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-mc22-25r3-2w9wghsaADVISORY
- jenkins.io/security/advisory/2017-07-10/nvdVendor Advisory
- nvd.nist.gov/vuln/detail/CVE-2017-1000084ghsaADVISORY
- github.com/fbelzunc/parameterized-trigger-plugin/commit/345d54f8f031bef68ecb6fd4e7eee0be720162e4ghsaWEB
- github.com/jenkinsci/parameterized-trigger-plugin/pull/114ghsaWEB
- issues.jenkins.io/browse/JENKINS-45471ghsaWEB
- jenkins.io/security/advisory/2017-07-10ghsaWEB
News mentions
0No linked articles in our index yet.