CVE-2020-2313

Summary

A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Azure Key Vault Pluginunspecified <= 2.0affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References