CVE-2022-41251
Missing Authorization in maven/org.jenkins-ci.plugins/apprenda
Identifiers
GHSA-52v4-wxrx-gjjm, CVE-2022-41251
Package Slug
maven/org.jenkins-ci.plugins/apprenda
Vulnerability
Missing Authorization
Description
A missing permission check in Jenkins Apprenda Plugin 2.2.0 and earlier allows users with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Affected Versions
All versions up to 2.2.0
Solution
Unfortunately, there is no solution available yet.
Last Modified
2022-09-27
| source |