Vulnerabilities > Jenkins > Ansible Tower > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-04-30 CVE-2019-10312 Missing Authorization vulnerability in Jenkins Ansible Tower
A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.
network
low complexity
jenkins CWE-862
4.3