We run automated vulnerability scans of our Windows hosts that collect software inventory and inspect program version information from what I suspect is the registry. We also keep Jenkins up to date using the Upgrade Automatically feature in the Web UI. However, even though the Jenkins Web UI shows that we are using version 2.387.2, Add/Remove programs shows that we are using v2.222.4 which gets reported to our vulnerability scanner (and thus creates critical security findings) which then creates headaches for me because I have to explain to the InfoSec auditors that we really aren’t on that old version.
Is there a way to get the registry or Add/Remove programs to display the currently installed version of Jenkins?