3 matches found
CVE-2019-10312
A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptordoFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins...
CVE-2019-10312
CVE-2019-10312 affects Jenkins Ansible Tower Plugin 0.9.1 and earlier. The root cause is a missing permission check in TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems, which allowed attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins. ...
CVE-2019-10312
A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptordoFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins...