Jenkins is a Jenkins open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins HashiCorp Vault Plugin 3.8.0 and earlier versions are vulnerable to an information disclosure vulnerability that stems from the plugin’s implementation of a feature that allows the agent process to retrieve any Vault secret for use on the agent. An attacker could exploit the vulnerability by taking control of the agent process to obtain specified paths and keys.
CPE | Name | Operator | Version |
---|---|---|---|
jenkins hashicorp vault plugin | le | 3.8.0 |