CVE-2023-24451

A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVE-2023-24451

A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVE-2023-24451

CVE-2023-24451 affects the Jenkins Cisco Spark Notifier Plugin, version 1.1.1 and earlier. The root cause is a missing permission check across several HTTP endpoints, enabling attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins. This can facilitate credential har...