CVE-2019-10344

Missing permission checks in Jenkins Configuration as Code Plugin 1.24 and earlier in various HTTP endpoints allowed users with Overall/Read access to access the generated schema and documentation for this plugin containing detailed information about installed plugins.
References
Configurations

Configuration 1

cpe:2.3:a:jenkins:configuration_as_code:*:*:*:*:*:jenkins:*:*

Information

Published : 2019-07-31 01:15

Updated : 2020-10-02 02:26


NVD link : CVE-2019-10344

Mitre link : CVE-2019-10344

Products Affected
No products.
CWE