Jenkins Conjur Secrets Plugin授权问题漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Conjur Secrets Plugin 1.0.11 and earlier versions are vulnerable to an authorization issue that stems from not performing permission checks in HTTP endpoints. An attacker could exploit the vulnerability to enumerate credential ids stored in Jenkins using the Overall Read permission.