The following flaw was found in Jenkins:
Users with extended read access could access encrypted secrets stored directly in the configuration of those items.
As a side-effect of this change, copying a job that contains secrets in its configuration now requires the Configure permission on that job.
External References:
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
This issue has been addressed in the following products:
Red Hat OpenShift Enterprise 3.2
Red Hat OpenShift Enterprise 3.1
Via RHSA-2016:1206 https://access.redhat.com/errata/RHSA-2016:1206