| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:role-strategy | maven | >= 2.12, < 3.1 | 3.1 |

The vulnerability stems from missing cache invalidation after configuration changes. The primary vulnerable function is `configure` (or an equivalent configuration persistence method), which failed to clear the permission cache when settings were updated. The secondary function is `getGrantedPermissions` (or similar), which served stale data from that cache. These functions are central to the permission lifecycle (configuration updates and permission checks), which makes them key runtime indicators when profiling exploitation attempts.
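
The failure mode described above, shown as an added example rather than the plugin's source: a simplified Java model of a cached permission lookup with and without invalidation on reconfiguration. The method names follow the paragraph; the `Strategy` class, the `invalidateOnConfigure` switch, and the sample user and permission are constructed for illustration.

```java
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

// Simplified model (constructed for illustration, not the plugin's code).
public class StalePermissionCacheDemo {

    static class Strategy {
        // user -> permissions, taken from the current configuration
        private volatile Map<String, Set<String>> assignments;
        // per-user result cache consulted on every permission check
        private final Map<String, Set<String>> cache = new ConcurrentHashMap<>();
        // hypothetical switch: false models the flawed path, true the corrected one
        private final boolean invalidateOnConfigure;

        Strategy(Map<String, Set<String>> initial, boolean invalidateOnConfigure) {
            this.assignments = Map.copyOf(initial);
            this.invalidateOnConfigure = invalidateOnConfigure;
        }

        // Persist new settings. Without the clear() call the cache keeps
        // answering from the previous configuration.
        void configure(Map<String, Set<String>> updated) {
            assignments = Map.copyOf(updated);
            if (invalidateOnConfigure) {
                cache.clear();
            }
        }

        // Permission check: served from the cache when an entry exists.
        Set<String> getGrantedPermissions(String user) {
            return cache.computeIfAbsent(user, u -> assignments.getOrDefault(u, Set.of()));
        }
    }

    public static void main(String[] args) {
        Map<String, Set<String>> before = Map.of("alice", Set.of("Job/Configure"));
        Map<String, Set<String>> after = Map.of(); // alice's role removed

        for (boolean invalidate : new boolean[] {false, true}) {
            Strategy s = new Strategy(before, invalidate);
            s.getGrantedPermissions("alice"); // warm the cache before the change
            s.configure(after);               // administrator revokes access
            System.out.println((invalidate ? "with invalidation:    " : "without invalidation: ")
                    + s.getGrantedPermissions("alice"));
        }
    }
}
```

In the run without invalidation, the permission check after the revocation still answers from the entry cached under the old configuration; with invalidation, the same check reflects the new settings.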