Kwetsbaarheid CVE-2018-1000412

An Improper Authorization Vulnerability Exists In Jenkins Jira Plugin 3.0.1 And Earlier In JiraSite.java That Allows Attackers With Overall/Read Access To Have Jenkins Connect To An Attacker-specified URL Using Attacker-specified Credentials IDs Obtained Through Another Method, Capturing Credentials Stored In Jenkins.

Algemeen

CVE
CVE-2018-1000412
Leverancier(s) betrokken
Omschrijving
An Improper Authorization Vulnerability Exists In Jenkins Jira Plugin 3.0.1 And Earlier In JiraSite.java That Allows Attackers With Overall/Read Access To Have Jenkins Connect To An Attacker-specified URL Using Attacker-specified Credentials IDs Obtained Through Another Method, Capturing Credentials Stored In Jenkins.
Publicatie
Woensdag, 9 Januari 2019
Gewijzigd
Maandag, 14 Januari 2019 15:00
Ernst

Referenties

Modificatie geschiedenis

Geef hieronder je email adres op en word op de hoogte gehouden van aanpassingen aan deze CVE