A missing permission check in Jenkins Datadog Plugin 5.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.