CVE Vulnerabilities

CVE-2021-21662

Published: Jun 10, 2021 | Modified: Oct 25, 2023
CVSS 3.x
4.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.

Affected Software

Name Vendor Start Version End Version
Xebialabs_xl_deploy Jenkins * 10.0.1 (including)

References