3 matches found
CVE-2019-10323
A missing permission check in Jenkins Artifactory Plugin 3.2.3 and earlier in various 'fillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...
CVE-2019-10323
A missing permission check in Jenkins Artifactory Plugin 3.2.3 and earlier in various 'fillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...
CVE-2019-10323
The CVE-2019-10323 issue affects the Jenkins Artifactory Plugin (notably 3.2.0/3.2.1 and earlier up to 3.2.3), where doFillCredentialsIdItems lacks proper permission checks. This allows any user with Overall/Read access to enumerate credential IDs in Jenkins, causing information disclosure of sto...