Описание
In jenkins before versions 2.44, 2.32.2 node monitor data could be viewed by low privilege users via the remote API. These included system configuration and runtime information of these nodes (SECURITY-343).
Ссылки
- Third Party AdvisoryVDB Entry
- Issue TrackingPatch
- Patch
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatch
- Patch
- Vendor Advisory
Уязвимые конфигурации
EPSS
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
In jenkins before versions 2.44, 2.32.2 node monitor data could be viewed by low privilege users via the remote API. These included system configuration and runtime information of these nodes (SECURITY-343).
In jenkins before versions 2.44, 2.32.2 node monitor data could be viewed by low privilege users via the remote API. These included system configuration and runtime information of these nodes (SECURITY-343).
In jenkins before versions 2.44, 2.32.2 node monitor data could be vie ...
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
EPSS
4.3 Medium
CVSS3
4 Medium
CVSS2