Описание
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-862
https://bugzilla.redhat.com/show_bug.cgi?id=1895947jenkins-2-plugins/kubernetes: Missing permission check in Kubernetes Plugin allows enumerating credentials IDs
EPSS
Процентиль: 26%
0.00089
Низкий
4.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 4.3
nvd
около 5 лет назад
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVSS3: 4.3
github
больше 3 лет назад
Missing authorization in Jenkins Kubernetes Plugin
EPSS
Процентиль: 26%
0.00089
Низкий
4.3 Medium
CVSS3