Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Jenkins Project | Jenkins Gitee Plugin | unaffected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Jenkins Project | Jenkins Gitee Plugin | 100% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 24 Jun 2026 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Jenkins Project
Jenkins Project jenkins Gitee Plugin |
|
| Vendors & Products |
Jenkins Project
Jenkins Project jenkins Gitee Plugin |
Wed, 24 Jun 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Credential ID Enumeration in Jenkins Gitee Plugin via Faulty Permission Check |
Wed, 24 Jun 2026 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Inappropriate Permission Check Allows Credential ID Enumeration in Jenkins Gitee Plugin |
Wed, 24 Jun 2026 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Wed, 24 Jun 2026 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Inappropriate Permission Check Allows Credential ID Enumeration in Jenkins Gitee Plugin | |
| Weaknesses | CWE-284 |
Wed, 24 Jun 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-862 | |
| Metrics |
cvssV3_1
|
Wed, 24 Jun 2026 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An incorrect permission check in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate credentials IDs of credentials stored in Jenkins. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: jenkins
Published:
Updated: 2026-06-24T14:47:35.688Z
Reserved: 2026-06-24T08:41:44.358Z
Link: CVE-2026-57293
Vulnrichment
Updated: 2026-06-24T14:47:24.491Z
NVD
No data.
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-24T20:41:06Z