Jenkins Gitee Plugin
Monthly
Credential ID enumeration in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows authenticated attackers holding only global Item/Configure permission to bypass the intended per-job permission boundary and list credential IDs stored in Jenkins. The root cause is an incorrect permission check (CWE-862) that conflates global and job-scoped authorization, leaking credential identifiers without requiring job-level rights. No public exploit code exists and SSVC rates exploitation status as none; however, enumerated credential IDs can serve as reconnaissance for chained attacks targeting those credentials.
Cross-site request forgery in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows network-accessible attackers to force a Jenkins instance to initiate connections to attacker-controlled URLs, using credential IDs previously obtained through a separate method. The CVSS vector confirms a low-privileged authenticated attacker posture (PR:L), meaning the victim must hold an active Jenkins session. No active exploitation is confirmed per CISA KEV, and the SSVC framework rates exploitation as currently none with partial technical impact.
Missing permission checks in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allow any authenticated user holding the minimal Overall/Read Jenkins role to trigger outbound connections from the Jenkins controller to an attacker-specified URL using credential IDs sourced through a secondary method. This creates an SSRF-like primitive enabling internal network probing and credential ID validation without administrative access. No public exploit code has been identified at time of analysis, and SSVC confirms current exploitation status as none.
Credential ID enumeration in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows authenticated attackers holding only global Item/Configure permission to bypass the intended per-job permission boundary and list credential IDs stored in Jenkins. The root cause is an incorrect permission check (CWE-862) that conflates global and job-scoped authorization, leaking credential identifiers without requiring job-level rights. No public exploit code exists and SSVC rates exploitation status as none; however, enumerated credential IDs can serve as reconnaissance for chained attacks targeting those credentials.
Cross-site request forgery in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows network-accessible attackers to force a Jenkins instance to initiate connections to attacker-controlled URLs, using credential IDs previously obtained through a separate method. The CVSS vector confirms a low-privileged authenticated attacker posture (PR:L), meaning the victim must hold an active Jenkins session. No active exploitation is confirmed per CISA KEV, and the SSVC framework rates exploitation as currently none with partial technical impact.
Missing permission checks in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allow any authenticated user holding the minimal Overall/Read Jenkins role to trigger outbound connections from the Jenkins controller to an attacker-specified URL using credential IDs sourced through a secondary method. This creates an SSRF-like primitive enabling internal network probing and credential ID validation without administrative access. No public exploit code has been identified at time of analysis, and SSVC confirms current exploitation status as none.