cpe:/a:apache:mesos:0.17.1::~~~jenkins~~ CVE-2018-1000421 2019-01-09T18:29:02.810-05:00 2019-01-30T11:01:48.687-05:00 4.0 NETWORK LOW SINGLE_INSTANCE NONE PARTIAL NONE http://nvd.nist.gov 2019-01-16T08:13:26.530-05:00 BID 106532 CONFIRM https://jenkins.io/security/advisory/2018-09-25/#SECURITY-1013%20(2) An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.