Page 2 of 6 results (0.002 seconds)
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0
CVE-2018-1000105
https://notcve.org/view.php?id=CVE-2018-1000105
An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to retrieve some configuration information about Gerrit in Jenkins. Existe una vulnerabilidad de autorización incorrecta en el plugin Gerrit Trigger para Jenkins, en versiones 2.27.4 y anteriores, en GerritManagement.java, GerritServer.java y PluginImpl.java que permite que un atacante con acceso Overall/Read recupere información de configuración sobre Gerrit en Jenkins. • https://jenkins.io/security/advisory/2018-02-26/#SECURITY-402 • CWE-863: Incorrect Authorization •