Lucene search
HistoryJul 26, 2023 - 2:15 p.m.
CVE-2023-39156
cve
csrf
vulnerability
jenkins
bazaar plugin
nvd
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
0.0005 Low
EPSS
Percentile
17.7%
A cross-site request forgery (CSRF) vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags.
Affected configurations
Node
jenkinsbazaarRange≤1.22jenkins
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins:bazaar | jenkins bazaar | le | 1.22 |
CNA Affected
[
{
"defaultStatus": "unknown",
"product": "Jenkins Bazaar Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "1.22",
"status": "affected",
"version": "0",
"versionType": "maven"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-07-26 14:15:00
nvd
nvd
CVE-2023-39156
2023-07-26 14:15:10
cvelist
cvelist
CVE-2023-39156
2023-07-26 13:54:55
osv
osv
CSRF vulnerability in Bazaar Plugin
2023-07-26 15:30:57
github
github
CSRF vulnerability in Bazaar Plugin
2023-07-26 15:30:57
veracode
veracode
Cross-Site Request Forgery (CSRF)
2023-07-29 10:40:42
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2023-07-26)
2023-07-28 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
0.0005 Low
EPSS
Percentile
17.7%
Related for CVE-2023-39156