Improper Authorization Vulnerability in Jenkins Subversion Plugin Allows Unauthorized Access to Node and User Information

Improper Authorization Vulnerability in Jenkins Subversion Plugin Allows Unauthorized Access to Node and User Information

CVE-2018-1000111 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and earlier in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of nodes and users.

Learn more about our Network Penetration Testing.