How severe is CVE-2018-1000015?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.8 out of 10.

What type of vulnerability is CVE-2018-1000015?

This is classified as CWE-862, which is a common weakness in software security.

CVE-2018-1000015 - MEDIUM Severity | CVSS 4.8

Vulnerability Description

On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline `node` blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes plugin 2.17 and earlier.

Related Vulnerabilities

CVE-2022-32768

MEDIUM

CVSS:4.8(Medium)

Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated u...

CWE-8622022

CVE-2022-32769

MEDIUM

CVSS:4.8(Medium)

CWE-8622022

CVE-2022-47367

MEDIUM

CVSS:4.8(Medium)

In bluetooth driver, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CWE-8622022

CVE-2025-22677

MEDIUM

CVSS:4.8(Medium)

Missing Authorization vulnerability in UIUX Lab Uix Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Uix Shortcodes: from n/a through 2.0.3.

CWE-8622025

CVE-2025-27294

MEDIUM

CVSS:4.8(Medium)

Missing Authorization vulnerability in platcom WP-Asambleas allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP-Asambleas: from n/a through 2.85.0.

CWE-8622025

CVE-2025-31606

MEDIUM

CVSS:4.8(Medium)

Missing Authorization vulnerability in softpulseinfotech SP Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SP Blog Designer: from n/a through...

CWE-8622025