CVE-2022-20620

Publication date

2022-01-12 19:05:58

Family

jenkins

State

PUBLISHED

Description

Missing permission checks in Jenkins SSH Agent Plugin 1.23 and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.