Impact
The Jenkins GitHub Branch Source Plugin version 1967.1969.v205fd594c821 and earlier contain a missing permission check that permits any user with Overall/Read permission to retrieve the URLs of GitHub Enterprise servers configured in the global plugin configuration. This disclosure reveals internal server addresses, potentially exposing sensitive infrastructure details and aiding attackers in mapping or targeting an organization's GitHub Enterprise environment. The weakness corresponds to improper access control and missing authorization controls as identified by CWE-425 and CWE-862.
Affected Systems
The vulnerability affects Jenkins installations that employ the GitHub Branch Source Plugin up to and including version 1967.1969.v205fd594c821. Any Jenkins instance with this plugin configured to connect to one or more GitHub Enterprise servers is at risk. Organizations using the plugin for source code integration should review the plugin version and confirm whether it remains within the affected range.
Risk and Exploitability
The CVSS score of 4.3 indicates moderate confidentiality impact and low to moderate risk when combined with the absence of an EPSS score or KEV listing. The attack vector is limited to users who already possess Overall/Read permission; the vulnerability does not require elevated rights or exploitation of additional components. Attackers can exploit this weakness merely by accessing the standard plugin configuration page in Jenkins, which is generally available to any trusted user, allowing them to list the internal GitHub Enterprise server URLs. Because the exploit is straightforward and requires no special conditions, the risk remains notable for organizations with broad read permissions or poorly segmented user roles.
OpenCVE Enrichment