Medium severity4.3NVD Advisory· Published May 21, 2019· Updated Jun 17, 2026
CVE-2019-10319
CVE-2019-10319
Description
A missing permission check in Jenkins PAM Authentication Plugin 1.5 and earlier, except 1.4.1 in PamSecurityRealm.DescriptorImpl#doTest allowed users with Overall/Read permission to obtain limited information about the file /etc/shadow and the user Jenkins is running as.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2>=1.4.1, <=1.5+ 1 more
- (no CPE)range: >=1.4.1, <=1.5
- (no CPE)range: 1.5 and earlier, except 1.4.1
Patches
Vulnerability mechanics
References
2- www.openwall.com/lists/oss-security/2019/05/21/1nvdMailing ListThird Party Advisory
- jenkins.io/security/advisory/2019-05-21/nvdVendor Advisory
News mentions
0No linked articles in our index yet.