2 matches found
CVE-2023-24431
A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2023-24431
CVE-2023-24431 affects the Jenkins Orka by MacStadium Plugin (versions 1.31 and earlier). The issue is a missing permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins. This can facilitate credential exposure and ...