Jenkins Job Import Plugin 3.5 and... CVE-2022-43413

- AV AC AU C I A
发布: 2022-10-19
修订: 2024-11-21

Jenkins Job Import Plugin 3.5 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息