Lucene search

CVE-2023-24458

🗓️ 26 Jan 2023 21:19:18Reported by jenkinsType

CVE-2023-24458: CSRF vulnerability in Jenkins BearyChat Plugin

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 10
OSV	Cross-site request forgery vulnerability in Jenkins BearyChat Plugin	26 Jan 202321:30	–	osv
OSV	CVE-2023-24458	26 Jan 202321:18	–	osv
Github Security Blog	Cross-site request forgery vulnerability in Jenkins BearyChat Plugin	26 Jan 202321:30	–	github
NVD	CVE-2023-24458	26 Jan 202321:18	–	nvd
Vulnrichment	CVE-2023-24458	24 Jan 202300:00	–	vulnrichment
Prion	Cross site request forgery (csrf)	26 Jan 202321:18	–	prion
AlpineLinux	CVE-2023-24458	26 Jan 202321:18	–	alpinelinux
Cvelist	CVE-2023-24458	24 Jan 202300:00	–	cvelist
Tenable Nessus	Jenkins plugins Multiple Vulnerabilities (2023-01-24)	27 Feb 202300:00	–	nessus
Tenable Nessus	Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.7 Multiple Vulnerabilities (CloudBees Security Advisory 2023-01-24)	24 Jan 202300:00	–	nessus

Nvd

Node

jenkins bearychatRange≤3.0.2jenkins

[
  {
    "product": "Jenkins BearyChat Plugin",
    "vendor": "Jenkins Project",
    "versions": [
      {
        "lessThanOrEqual": "3.0.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 3.0.2",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
jenkins	www.jenkins.io/security/advisory/2023-01-24/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jan 2023 21:18Current

8.5High risk

Vulners AI Score8.5

CVSS38.8

EPSS0.00344

SSVC

CWE-352