CVE-2019-16567

2019-12-17T15:15:00
ID CVE-2019-16567
Type cve
Reporter cve@mitre.org
Modified 2020-10-05T15:13:00

Description

A missing permission check in Jenkins Team Concert Plugin 1.3.0 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.