Lucene search
JenkinsCVELIST:CVE-2023-46652HistoryOct 25, 2023 - 1:45 p.m.
CVE-2023-46652
2023-10-2513:45:54
jenkins
www.cve.org
1
cve-2023-46652
jenkins
lambdatest-automation
permission
vulnerability
credentials
enumeration
A missing permission check in Jenkins lambdatest-automation Plugin 1.20.9 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of LAMBDATEST credentials stored in Jenkins.
CNA Affected
[
{
"vendor": "Jenkins Project",
"product": "Jenkins lambdatest-automation Plugin",
"versions": [
{
"version": "0",
"versionType": "maven",
"lessThanOrEqual": "1.20.9",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
cve
cve
CVE-2023-46652
2023-10-25 18:17:40
osv
osv
Jenkins lambdatest-automation Plugin missing permission check
2023-10-25 18:32:25
prion
prion
Cross site request forgery (csrf)
2023-10-25 18:17:00
nvd
nvd
CVE-2023-46652
2023-10-25 18:17:40
github
github
Jenkins lambdatest-automation Plugin missing permission check
2023-10-25 18:32:25
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2023-10-25)
2023-10-25 00:00:00