A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2022-05-17T14:06:27
Updated: 2024-08-03T07:03:39.880Z
Reserved: 2022-05-16T00:00:00
Link: CVE-2022-30957
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-05-17T15:15:09.910
Modified: 2024-01-09T03:21:01.210
Link: CVE-2022-30957
Redhat
No data.