Description
A missing permission check in Jenkins Artifactory Plugin 3.2.3 and earlier in various 'fillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.
Remediation
References
Related Vulnerabilities
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.11)
WordPress Plugin WP Live Chat Support Pro Unspecified Vulnerability (8.0.07)
WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.2)
WordPress Plugin Download Theme Arbitrary Directory Download (1.0.2)
OpenSSL Resource Management Errors Vulnerability (CVE-2011-4619)