CVE-2019-16547

Summary

Missing permission checks in various API endpoints in Jenkins Google Compute Engine Plugin 4.1.1 and earlier allow attackers with Overall/Read permission to obtain limited information about the plugin configuration and environment.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Google Compute Engine Plugin4.1.1 and earlieraffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References