Security Advisory

CVE-2025-27623

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-05 22:33:35

Last updated 2025-03-06 16:18:41

Assigner jenkins

State PUBLISHED

Description

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing `config.xml` of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets.

← Browse all CVEs View on cve.org ↗