CVE-2021-21621

Summary

Jenkins Support Core Plugin 2.72 and earlier provides the serialized user authentication as part of the "About user (basic authentication details only)" information, which can include the session ID of the user creating the support bundle in some configurations.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Support Core Pluginunspecified <= 2.72affected
Jenkins projectJenkins Support Core Plugin2.70.1unaffected
Jenkins projectJenkins Support Core Plugin2.68.1unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References