Description
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration.
Additional information
Status:
Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1335418 jenkins: Encrypted secrets (e.g. passwords) were leaked to users with permission to read configuration (SECURITY-266)
EPSS
Percentile: 51%
0.00279
Low
4 Medium
CVSS2
Related vulnerabilities
CVSS3: 6.5
ubuntu
more than 9 years ago
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration.
CVSS3: 6.5
nvd
more than 9 years ago
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration.
CVSS3: 6.5
debian
more than 9 years ago
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated u ...
CVSS3: 6.5
github
more than 3 years ago
Jenkins Exposes Sensitive Information from Job Configuration