CVE-2025-24397
Published 2025-01-22

- Priority: P4 · 21 · Medium
- CVSS 3.1: 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
- EPSS: 0.29% (20.5th percentile)
An incorrect permission check in Jenkins GitLab Plugin 1.9.6 and earlier allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate credential IDs of GitLab API token and Secret text credentials stored in Jenkins.
Affected (12 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gitlab | gitlab | — | — |
| jenkins | azure_service_fabric_plugin | — | — |
| jenkins | bitbucket_server_integration_plugin | — | — |
| jenkins | cache_confusion_in_eiffel_broadcaster_plugin | — | — |
| jenkins | eiffel_broadcaster_plugin | — | — |
| jenkins | folder-based_authorization_strategy_plugin | — | — |
| jenkins | gitlab | <= 1.9.6 | — |
| jenkins | gitlab_plugin | — | — |
| jenkins | openid_connect_authentication_plugin | — | — |
| jenkins | tokens_displayed_without_masking_by_zoom_plugin | — | — |
| jenkins | zoom_plugin | — | — |
| jenkins_project | jenkins_gitlab_plugin | <= 1.9.6 | — |
Source: GitLab (vendor_gitlab · 2025-01-22 · CVSS 4.3 · MEDIUM · CWE-863)
CVE-2025-24397: An incorrect permission check in Jenkins GitLab Plugin 1.9.6 and earlier allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate credential IDs of GitLab API token and Secret text credentials stored in Jenkins.
Source: Jenkins (vendor_jenkins · 2025-01-22 · CVSS 4.3)
Jenkins Security Advisory 2025-01-22 (indexed as CVE-2025-0142 [MEDIUM])
This advisory announces vulnerabilities in the following Jenkins deliverables:
- Azure Service Fabric Plugin
- Bitbucket Server Integration Plugin
- Eiffel Broadcaster Plugin
- Folder-based Authorization Strategy Plugin
- GitLab Plugin
- OpenId Connect Authen…
Source: OSV (osv · 2025-01-22 · MEDIUM)
Incorrect permission check in Jenkins GitLab Plugin allows enumerating credentials IDs
The Jenkins GitLab Plugin 1.9.6 and earlier does not correctly perform a permission check in an HTTP endpoint.
This allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate credential IDs of GitLab API token credentials and Secret text credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability.
An enumeration of credential IDs in GitLab Plugin 1.9.7 requires Overall/Administer permission.
Source: GHSA (ghsa · 2025-01-22 · MEDIUM · CWE-285)
Incorrect permission check in Jenkins GitLab Plugin allows enumerating credentials IDs
Advisory text identical to the OSV entry above.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-01-22