4.3
/ 10
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
An incorrect permission check in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate credentials IDs of credentials stored in Jenkins.
Basic Information
ID
CVE-2026-57293
Source
jenkins
Published
Jun 24, 2026 at 13:20
Modified
Jun 24, 2026 at 14:47
Affected Product
Vendor
Jenkins Project
Product
Jenkins Gitee Plugin
Affected Versions
Jenkins Project Jenkins Gitee Plugin 0