Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-25766HistoryFeb 15, 2023 - 2:15 p.m.
CVE-2023-25766
2023-02-1514:15:13
Alpine Linux Development Team
security.alpinelinux.org
12
jenkins
azure credentials plugin
permission check
attackers
credentials ids
unix
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
0.001
Percentile
22.8%
A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.17-community | noarch | jenkins | = 2.361.2-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | jenkins | = 2.387.3-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | jenkins | = 2.440.3-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | jenkins | = 2.440.2-r0 | UNKNOWN |
| Alpine | edge-community | noarch | jenkins | = 2.462.1-r0 | UNKNOWN |
Related
github
github
Missing Authorization in Jenkins Azure Credentials Plugin
2023-02-15 15:30:40
nvd
nvd
CVE-2023-25766
2023-02-15 14:15:13
osv
osv
Missing Authorization in Jenkins Azure Credentials Plugin
2023-02-15 15:30:40
cvelist
cvelist
CVE-2023-25766
2023-02-15 00:00:00
prion
prion
Information disclosure
2023-02-15 14:15:00
cve
cve
CVE-2023-25766
2023-02-15 14:15:13
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
0.001
Percentile
22.8%
Related for ALPINE:CVE-2023-25766