Jenkins Pipeline is a set of plug-ins that support the implementation and integration of continuous delivery pipelines into Jenkins.An access control error vulnerability exists in Jenkins Pipeline Phoenix AutoTest Plugin 1.3 and earlier, which stems from the plugin not performing permission checks across multiple HTTP endpoints, and an attacker with overall /read privileges, an attacker could use this vulnerability to enumerate the credential IDs of credentials stored in Jenkins.
CPE | Name | Operator | Version |
---|---|---|---|
jenkins pipeline phoenix autotest plugin | lt | 1.3 |