3 matches found
CVE-2020-2285
A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2020-2285
The CVE concerns Jenkins Liquibase Runner Plugin (versions ≤ 1.4.7). A missing permission check in the plugin’s HTTP endpoint allows attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins. This credential enumeration is the primary impact described, and attackers co...
CVE-2020-2285
A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...