Description
A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3083
Related Vulnerabilities
CVE-2017-12623 Vulnerability in maven package org.apache.nifi:nifi-security-utils
CVE-2014-0110 Vulnerability in maven package org.apache.cxf:cxf-bundle
CVE-2019-17563 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2017-7661 Vulnerability in maven package org.apache.cxf.fediz:fediz-jetty8