Lucene search

CVE-2023-24433

🗓️ 26 Jan 2023 21:17:18Reported by jenkinsType

CVE-2023-24433: Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlie

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Vulnrichment	CVE-2023-24433	24 Jan 202300:00	–	vulnrichment
NVD	CVE-2023-24433	26 Jan 202321:18	–	nvd
Cvelist	CVE-2023-24433	24 Jan 202300:00	–	cvelist
Prion	Design/Logic Flaw	26 Jan 202321:18	–	prion
Github Security Blog	Missing permission checks in Jenkins Orka Plugin allow capturing credentials	26 Jan 202321:30	–	github
OSV	Missing permission checks in Jenkins Orka Plugin allow capturing credentials	26 Jan 202321:30	–	osv
Tenable Nessus	Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.7 Multiple Vulnerabilities (CloudBees Security Advisory 2023-01-24)	24 Jan 202300:00	–	nessus
Tenable Nessus	Jenkins plugins Multiple Vulnerabilities (2023-01-24)	27 Feb 202300:00	–	nessus

Nvd

Node

jenkins orka_by_macstadiumRange<1.32jenkins

[
  {
    "product": "Jenkins Orka by MacStadium Plugin",
    "vendor": "Jenkins Project",
    "versions": [
      {
        "lessThanOrEqual": "1.31",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
jenkins	www.jenkins.io/security/advisory/2023-01-24/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jan 2023 21:18Current

6.3Medium risk

Vulners AI Score6.3

CVSS36.5

EPSS0.00158

SSVC

CWE-862