1. CVE-Search
  2. CVE-2019-10342
ID CVE-2019-10342
Summary A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in various 'fillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.
References
Vulnerable Configurations
  • cpe:2.3:a:jenkins:docker:0.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.3.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.3.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.3.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.3.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.3.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.3.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.3.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.3.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.3.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.3.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.6:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.6:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.6.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.6.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.6.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.6.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.7:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.7:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.8:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.8:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.9.0:-:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.9.0:-:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.9.0:beta2:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.9.0:beta2:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.9.0:rc1:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.9.0:rc1:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.9.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.9.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.9.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.9.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.9.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.9.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.9.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.9.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.10.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.10.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.10.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.10.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.10.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.10.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.11.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.11.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.12.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.12.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.12.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.12.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.13.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.13.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.14.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.14.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.15.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.15.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.16.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.16.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.16.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.16.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.16.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.16.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.17:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.17:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:0.18:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:0.18:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.0.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.0.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.0.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.0.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.0.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.0.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.0.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.0.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.0.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.0.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.1.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.1.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.1.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.1.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.1.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.1.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.1.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.1.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.1.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.1.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:docker:1.1.6:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:docker:1.1.6:*:*:*:*:jenkins:*:*
CVSS
Base: 4.0 (as of 25-10-2023 - 18:16)
Impact:
Exploitability:
CWE CWE-862
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:N/A:N
refmap via4
bid 109156
confirm https://jenkins.io/security/advisory/2019-07-11/#SECURITY-1400
mlist [oss-security] 20190711 Multiple vulnerabilities in Jenkins plugins
Last major update 25-10-2023 - 18:16
Published 11-07-2019 - 14:15
Last modified 25-10-2023 - 18:16
Back to Top