CVE-2020-2118

2020-02-12T15:15:00
ID CVE-2020-2118
Type cve
Reporter cve@mitre.org
Modified 2020-02-14T18:33:00

Description

A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.