Jenkins Reverse Proxy Auth Plugin 1.5 and older: Sensitive Information Exposure Vulnerability
CVE-2018-1000150 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users.
Learn more about our User Device Pen Test.