Incorrect permission checks in Jenkins Google Compute Engine Plugin 4.550.vb_327fca_3db_11 and earlier allow attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate system-scoped credentials IDs of credentials stored in Jenkins and to connect to Google Cloud Platform using attacker-specified credentials IDs obtained through another method, to obtain information about existing projects. This fix has been backported to 4.3.17.1.
[
{
"vendor": "Jenkins Project",
"product": "Jenkins Google Compute Engine Plugin",
"versions": [
{
"version": "4.551.v5a_4dc98f6962",
"versionType": "maven",
"lessThan": "*",
"status": "unaffected"
},
{
"version": "4.3.17.1",
"versionType": "maven",
"lessThan": "4.3.17.*",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
]