← Back

CVE-2017-1000242

nvd nist
Published: Nov 1, 2017Modified: May 13, 2026

JSON object

Loading...
3.3
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 1.8 / Impact: 1.4
Source: NVD

Description

Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure

Affected (1)

Products: Jenkins: Git Client
Jenkins
1 product
Git Client
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Git Client
Up to 2.4.2

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: cve@mitre.org
Source: cve@mitre.org
MitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationVendor Advisory

Timeline

No history available yet.