A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Kubernetes | Jenkins | * | 1.27.3 (including) |