CVE-2020-2310

2020-11-0415:15:11

Google

osv.dev

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.0%

JSON

Missing permission checks in Jenkins Ansible Plugin 1.0 and earlier allow attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

CPENameOperatorVersion
ansible-plugineqansible-0.4
ansible-plugineqansible-0.7
ansible-plugineqansible-1.0
ansible-plugineqansible-0.5
ansible-plugineqansible-0.6
ansible-plugineqansible-0.1
ansible-plugineqansible-0.2
ansible-plugineqansible-0.6.2
ansible-plugineqansible-0.6.1
ansible-plugineqansible-0.3.1

Name	Operator	Version
ansible-plugin	eq	ansible-0.4
ansible-plugin	eq	ansible-0.7
ansible-plugin	eq	ansible-1.0
ansible-plugin	eq	ansible-0.5
ansible-plugin	eq	ansible-0.6
ansible-plugin	eq	ansible-0.1
ansible-plugin	eq	ansible-0.2
ansible-plugin	eq	ansible-0.6.2
ansible-plugin	eq	ansible-0.6.1
ansible-plugin	eq	ansible-0.3.1