Описание
Missing permission Jenkins Pipeline Phoenix AutoTest Plugin
A missing permission check in Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Пакеты
Наименование
com.surenpi.jenkins:phoenix-autotest
maven
Затронутые версииВерсия исправления
<= 1.3
Отсутствует
Связанные уязвимости
CVSS3: 6.5
nvd
почти 4 года назад
A missing permission check in Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.