Kwetsbaarheid CVE-2018-1000418

An Improper Authorization Vulnerability Exists In Jenkins HipChat Plugin 2.2.0 And Earlier In HipChatNotifier.java That Allows Attackers With Overall/Read Access To Send Test Notifications To An Attacker-specified HipChat Server With Attacker-specified Credentials IDs Obtained Through Another Method, Capturing Credentials Stored In Jenkins.

Algemeen

CVE
CVE-2018-1000418
Leverancier(s) betrokken
Omschrijving
An Improper Authorization Vulnerability Exists In Jenkins HipChat Plugin 2.2.0 And Earlier In HipChatNotifier.java That Allows Attackers With Overall/Read Access To Send Test Notifications To An Attacker-specified HipChat Server With Attacker-specified Credentials IDs Obtained Through Another Method, Capturing Credentials Stored In Jenkins.
Publicatie
Woensdag, 9 Januari 2019
Gewijzigd
Maandag, 14 Januari 2019 15:00
Ernst

Referenties

Modificatie geschiedenis

Geef hieronder je email adres op en word op de hoogte gehouden van aanpassingen aan deze CVE