ID CVE-2021-21661
Summary Jenkins Kubernetes CLI Plugin 1.10.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
CWE CWE-862
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 10-06-2021 - 18:15
Published 10-06-2021 - 15:15
Last modified 10-06-2021 - 18:15
Back to Top