Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-3723 - Vulnerability Database
Jenkins

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-3723

Medium
Reference: CVE-2016-3723
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-3723
Title: Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints.