Security Advisory

CVE-2021-21645

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-21 14:20:33

Last updated 2024-08-03 18:16:23

Assigner jenkins

State PUBLISHED

Description

Jenkins Config File Provider Plugin 3.7.0 and earlier does not perform permission checks in several HTTP endpoints, attackers with Overall/Read permission to enumerate configuration file IDs.

← Browse all CVEs View on cve.org ↗