Extremely vulnerable Jenkins Server on your infrastructure

Description

Hello,
While searching for extremely vulnerable servers, I have found one which belongs to your organization.
Link: https://3.125.211.189/
I am able to see all the logs, source code, build logs of your Jenkins server without any authentication. Being in enterprise resource solutions services, supply chain management, security of the data, e-commerce services, this issue is very severe. I hope you take your security very seriously. I hope you will authenticate the server soon and award me a good bounty for this responsible disclosure.

Best Regards,
Roottrader

Environment

None

Activity

Carlos Ruiz
August 27, 2020, 10:31 AM

Hi, iDempiere is open source, so it is normal that the code is visible.

Regards,

Carlos Ruiz

root trader
August 27, 2020, 10:33 AM

Hey Carlos,

Thank you so much for your quick response. I am glad that this server is meant to be public.

Assignee

Unassigned

Reporter

root trader

Labels

Tested By

None

Components

Fix versions

Affects versions

Priority

Critical