漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier does not perform a permission check in a helper method for HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins in some circumstances.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jenkins CloudBees AWS Credentials 安全漏洞
Vulnerability Description
Jenkins CloudBees AWS Credentials是 (Jenkins)开源的一个应用插件。该插件允许在Jenkins凭证API中存储Amazon IAM凭证。 Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier 存在安全漏洞,该漏洞源于不会在HTTP端点的helper方法中执行权限检查。
CVSS Information
N/A
Vulnerability Type
N/A