2 matches found
CVE-2020-2310
CVE-2020-2310 affects Jenkins Ansible Plugin 1.0 and earlier. The root cause is missing permission checks in methods implementing form validation, permitting attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins. Practical impact is information disclosure of creden...
CVE-2020-2310
Missing permission checks in Jenkins Ansible Plugin 1.0 and earlier allow attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...