CVE-2019-10465

A missing permission check in Jenkins Deploy WebLogic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file system.
References
Configurations

Configuration 1

cpe:2.3:a:jenkins:deploy_weblogic:*:*:*:*:*:jenkins:*:*

Information

Published : 2019-10-23 01:15

Updated : 2019-10-24 05:25


NVD link : CVE-2019-10465

Mitre link : CVE-2019-10465

Products Affected
No products.
CWE
CWE-276

Incorrect Default Permissions