7 matches found
CVE-2022-41251
A missing permission check in Jenkins Apprenda Plugin 2.2.0 and earlier allows users with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
GHSA-52V4-WXRX-GJJM Jenkins Apprenda Plugin has Missing Authorization vulnerability
Jenkins Apprenda Plugin 2.2.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...
CVE-2022-41251
A missing permission check in Jenkins Apprenda Plugin 2.2.0 and earlier allows users with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2022-41251
A missing permission check in Jenkins Apprenda Plugin 2.2.0 and earlier allows users with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
Information disclosure
A missing permission check in Jenkins Apprenda Plugin 2.2.0 and earlier allows users with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2022-41251
A missing permission check in Jenkins Apprenda Plugin 2.2.0 and earlier allows users with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2022-41251
CVE-2022-41251 describes a missing authorization check in the Jenkins Apprenda Plugin (versions up to and including 2.2.0). The vulnerability allows users with Overall/Read permissions to enumerate credentials IDs stored in Jenkins, which can facilitate further credential-related exploitation. Mu...