Описание
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-862
https://bugzilla.redhat.com/show_bug.cgi?id=1895947jenkins-2-plugins/kubernetes: Missing permission check in Kubernetes Plugin allows enumerating credentials IDs
4.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 4.3
nvd
больше 4 лет назад
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVSS3: 4.3
github
около 3 лет назад
Missing authorization in Jenkins Kubernetes Plugin
4.3 Medium
CVSS3