CVSS Rating: 5.3 (medium)
Disclosing Company: Rhino Security Labs
Affected software/version:Jenkins GIT version 3.7.0
An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users.
Attack Complexity (AC)Low
Privileges Required (PR)None
User Interaction (UI)None