CVE-2018-1000169 jenkins: CLI leaked existence of views and agents with attacker-specified names to users without Overall/Read permission (SECURITY-754)
The Jenkins CLI sent different error responses for commands with view and agent arguments depending on the existence of the specified views or agents to unauthorized users. This allowed attackers to determine whether views or agents with specified names exist.
External References:
https://jenkins.io/security/advisory/2018-04-11/