Type: Research
Actors:
Pub. date: May 9, 2023
Initial access: Software misconfig
Impact: Data exfiltration
Targeted technologies:
Status: Stub
Last edited: Jun 2, 2024 8:02 AM

Optimeyes's Jenkins instance was publicly exposed, albeit with few viewable workspaces and locked-down admin permissions. However, the build information for each past build contained a link to the corresponding git repository, including the Bitbucket credentials in the URL. An attacker discovered this and leaked the company's data online.

Leaked data included many git repos, git credentials in git configs, other config files with credentials, S3 bucket contents including customer network inventories and vulnerability scans, proprietary ML models, database backups, SFTP private keys, and more.
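
A defender-side audit for the exposure described above, as an added example that is not part of the original write-up: it scans text such as saved build records or git config files for repository URLs that embed a password, and reports them with the secret redacted. The function name, the `remoteUrls` field in the sample build record, and all sample values are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Repository-style URLs, stopping at whitespace, quotes or angle brackets.
URL_RE = re.compile(r"""(?:https?|ssh|git)://[^\s"'<>]+""")

def find_credential_urls(text, source="<input>"):
    """Return one finding per URL in `text` whose userinfo carries a password.

    User-only URLs (ssh://git@host, https://user@host) are not reported, so a
    token placed in the username position is outside this check.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for match in URL_RE.finditer(line):
            try:
                parts = urlsplit(match.group(0))
                host, port = parts.hostname, parts.port
            except ValueError:  # malformed netloc or non-numeric port
                continue
            if not parts.password or not host:
                continue
            hostport = host + (f":{port}" if port else "")
            findings.append({
                "source": source,
                "line": lineno,
                "user": parts.username,
                # Never echo the secret back into audit output.
                "url": f"{parts.scheme}://{parts.username}:***@{hostport}{parts.path}",
            })
    return findings

# Constructed sample inputs (not real data): a build record and a git config.
SAMPLE_BUILD_JSON = (
    '{"number": 41, "actions": [{"remoteUrls": '
    '["https://build-bot:EXAMPLE-not-a-real-secret@bitbucket.org/example-team/example-repo.git"]}]}'
)
SAMPLE_GIT_CONFIG = (
    '[remote "origin"]\n'
    "\turl = https://deploy:EXAMPLE-not-a-real-secret@bitbucket.org/example-team/other-repo.git\n"
    '[remote "mirror"]\n'
    "\turl = ssh://git@bitbucket.org/example-team/other-repo.git\n"
)

if __name__ == "__main__":
    for name, text in (("build-41.json", SAMPLE_BUILD_JSON), (".git/config", SAMPLE_GIT_CONFIG)):
        for f in find_credential_urls(text, name):
            print(f"{f['source']}:{f['line']}: {f['url']} (user={f['user']})")
```

Any credential this flags should be treated as exposed and rotated, with the job switched to a credential store or SSH key so the secret never appears in the remote URL.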