What is the severity of CVE-2025-31720?

CVE-2025-31720 is classified as a critical vulnerability due to its ability to allow unauthorized access to agent configurations.

How do I fix CVE-2025-31720?

To fix CVE-2025-31720, upgrade Jenkins to version 2.504 or later, or LTS to 2.492.3 or later.

What versions of Jenkins are affected by CVE-2025-31720?

Jenkins versions up to 2.503 and Jenkins LTS versions up to 2.492.2 are affected by CVE-2025-31720.

What impact does CVE-2025-31720 have on Jenkins installations?

CVE-2025-31720 allows attackers to gain unauthorized access to an agent's configuration, potentially compromising the Jenkins environment.

Who can exploit CVE-2025-31720?

An attacker with Computer/Create permission but lacking Computer/Extended Read permission can exploit CVE-2025-31720.

Vulnerability/
CVE-2025-31720

medium

4.3

CWE

862

2/4/2025

CVE-2025-31720

First published: Wed Apr 02 2025(Updated: )

A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration.

Credit: jenkinsci-cert@googlegroups.com

Affected Software	Affected Version	How to fix
Jenkins LTS	<2.503
Jenkins	<2.492.2
maven/org.jenkins-ci.main:jenkins-core	<2.492.3	2.492.3
maven/org.jenkins-ci.main:jenkins-core	>=2.500<2.504	2.504

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-31720?
CVE-2025-31720 is classified as a critical vulnerability due to its ability to allow unauthorized access to agent configurations.
How do I fix CVE-2025-31720?
To fix CVE-2025-31720, upgrade Jenkins to version 2.504 or later, or LTS to 2.492.3 or later.
What versions of Jenkins are affected by CVE-2025-31720?
Jenkins versions up to 2.503 and Jenkins LTS versions up to 2.492.2 are affected by CVE-2025-31720.
What impact does CVE-2025-31720 have on Jenkins installations?
CVE-2025-31720 allows attackers to gain unauthorized access to an agent's configuration, potentially compromising the Jenkins environment.
Who can exploit CVE-2025-31720?
An attacker with Computer/Create permission but lacking Computer/Extended Read permission can exploit CVE-2025-31720.

collector/mitre-cve
source/MITRE
agent/first-publish-date
agent/type
agent/guess-ai
agent/software-canonical-lookup
agent/author
collector/nvd-api
source/NVD
agent/weakness
collector/github-advisory-latest
source/GitHub
alias/GHSA-565r-pf5q-45v6
alias/CVE-2025-31720
agent/severity
agent/source
agent/references
agent/last-modified-date
agent/softwarecombine
agent/tags
agent/description
agent/trending
agent/event
collector/nvd-cve
vendor/jenkins
canonical/jenkins lts
canonical/jenkins
package-manager/maven

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.