Vulnerabilities > CVE-2018-1000110 - Incorrect Authorization vulnerability in Jenkins GIT

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
jenkins
CWE-863

Summary

An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users.

Vulnerable Configurations

Part Description Count
Application
Jenkins
136

Common Weakness Enumeration (CWE)