CVE-2019-10439 is a vulnerability in Jenkins Crx Content Package Deployer
Published on October 16, 2019

A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier in various 'doFillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.

NVD

Products Associated with CVE-2019-10439

Want to know whenever a new CVE is published for Jenkins Crx Content Package Deployer? stack.watch will email you.

Jenkins Crx Content Package Deployer

Affected Versions

Jenkins project Jenkins CRX Content Package Deployer Plugin Version 1.8.1 and earlier is affected by CVE-2019-10439

Exploit Probability

EPSS

0.03%

Percentile

8.96%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-10439 is a vulnerability in Jenkins Crx Content Package DeployerPublished on October 16, 2019

Products Associated with CVE-2019-10439

Affected Versions

Exploit Probability

CVE-2019-10439 is a vulnerability in Jenkins Crx Content Package Deployer
Published on October 16, 2019