CVE-2019-10344
31.07.2019, 13:15
Missing permission checks in Jenkins Configuration as Code Plugin 1.24 and earlier in various HTTP endpoints allowed users with Overall/Read access to access the generated schema and documentation for this plugin containing detailed information about installed plugins.Enginsight
| Vendor | Product | Version |
|---|---|---|
| jenkins | configuration_as_code | 𝑥 ≤ 1.24 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration