CVE-2022-25184

Publication date

2022-02-15 16:11:08

Family

jenkins

State

PUBLISHED

Description

Jenkins Pipeline: Build Step Plugin 2.15 and earlier reveals password parameter default values when generating a pipeline script using the Pipeline Snippet Generator, allowing attackers with Item/Read permission to retrieve the default password parameter value from jobs.