Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2018-1999006 - Vulnerability Database
Jenkins

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2018-1999006

Medium
Reference: CVE-2018-1999006
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-1999006
Title: Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

A exposure of sensitive information vulnerability exists in Jenkins 2.132 and earlier 2.121.1 and earlier in Plugin.java that allows attackers to determine the date and time when a plugin HPI/JPI file was last extracted which typically is the date of the most recent installation/upgrade.