Description
Missing permission checks in Jenkins ElectricFlow Plugin 1.1.5 and earlier in various HTTP endpoints allowed users with Overall/Read access to obtain information about the Jenkins ElectricFlow Plugin configuration and configuration of connected ElectricFlow instances.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Jenkins project | Jenkins ElectricFlow Plugin | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2022-4521 | Missing permission checks in Jenkins ElectricFlow Plugin 1.1.5 and earlier in various HTTP endpoints allowed users with Overall/Read access to obtain information about the Jenkins ElectricFlow Plugin configuration and configuration of connected ElectricFlow instances. |
 Github GHSA |
GHSA-m8f2-9282-x38v | Jenkins ElectricFlow Plugin Missing permission checks |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published:
Updated: 2024-08-04T22:17:20.588Z
Reserved: 2019-03-29T00:00:00.000Z
Link: CVE-2019-10333
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-06-11T14:29:00.900
Modified: 2024-11-21T04:18:54.653
Link: CVE-2019-10333
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses