Vulnerabilities > Jenkins > Saltstack > High

DATE CVE VULNERABILITY TITLE RISK
2018-08-01 CVE-2018-1999027 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Saltstack
An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and earlier in SaltAPIBuilder.java, SaltAPIStep.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins.
network
high complexity
jenkins CWE-352
7.5