Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-3727 - Vulnerability Database
Jenkins

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-3727

Medium
Reference: CVE-2016-3727
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-3727
Title: Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors.