Improper Authorization Vulnerability in Jenkins Git Plugin Allows Unauthorized Access to Node and User Information

Improper Authorization Vulnerability in Jenkins Git Plugin Allows Unauthorized Access to Node and User Information

CVE-2018-1000110 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users.

Learn more about our Network Penetration Testing.