DATABASE RESOURCES PRICING ABOUT US

{"id": "JENKINS_SECURITY_ADVISORY_2023-01-24_PLUGINS.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Jenkins plugins Multiple Vulnerabilities (2023-01-24)", "description": "According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities:\n\n - High Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call is to be allowed. In Script Security Plugin 1228.vd93135a_2fb_25 and earlier, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.\n Script Security Plugin 1229.v4880b_b_e905a_6 intercepts property assignments when invoking map constructors. As part of this fix, map constructors may only be invoked in the sandbox using the new key.\n Attempting to invoke a map constructor using a Groovy cast will fail unconditionally. For example, code such as [key: value] as MyClass or MyClass mc = [key: value] must be converted to use new MyClass(key:\n value) instead. (CVE-2023-24422)\n\n - Medium Gerrit Trigger Plugin 2.38.0 and earlier does not require POST requests for several HTTP endpoints, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to rebuild previous builds triggered by Gerrit. Gerrit Trigger Plugin 2.38.1 requires POST requests for the affected HTTP endpoints. (CVE-2023-24423)\n\n - High OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins.\n OpenId Connect Authentication Plugin 2.5 invalidates the existing session on login. (CVE-2023-24424)\n\n - Medium Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows attackers with Item/Configure permission to access and potentially capture Kubernetes credentials they are not entitled to. Kubernetes Credentials Provider Plugin 1.209.v862c6e5fb_1ef defines the appropriate context for Kubernetes credentials lookup.\n (CVE-2023-24425)\n\n - High Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the existing session on login.\n This allows attackers to use social engineering techniques to gain administrator access to Jenkins. Azure AD Plugin 306.va_7083923fd50 invalidates the existing session on login. (CVE-2023-24426)\n\n - High Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. Bitbucket OAuth Plugin 0.13 invalidates the existing session on login. (CVE-2023-24427)\n\n - Medium Bitbucket OAuth Plugin 0.12 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability allows attackers to trick users into logging in to the attacker's account. Bitbucket OAuth Plugin 0.13 implements a state parameter in its OAuth flow. (CVE-2023-24428)\n\n - High Semantic Versioning Plugin defines a controller/agent message that processes a given file as XML and its XML parser is not configured to prevent XML external entity (XXE) attacks. Semantic Versioning Plugin 1.14 and earlier does not restrict execution of the controller/agent message to agents, and implements no limitations about the file path that can be parsed. This allows attackers able to control agent processes to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery. This is due to an incomplete fix of SECURITY-2124. This vulnerability is only exploitable in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. See the LTS upgrade guide. Semantic Versioning Plugin 1.15 does not allow the affected controller/agent message to be submitted by agents for execution on the controller. (CVE-2023-24429)\n\n - Medium Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to control the contents of the version file for the 'Determine Semantic Version' build step to have agent processes parse a crafted file that uses external entities for extraction of secrets from the Jenkins agent or server-side request forgery. Because Jenkins agent processes usually execute build tools whose input (source code, build scripts, etc.) is controlled externally, this vulnerability only has a real impact in very narrow circumstances: when attackers can control XML files, but are unable to change build steps, Jenkinsfiles, test code that gets executed on the agents, or similar. Semantic Versioning Plugin 1.15 disables external entity resolution for its XML parser. (CVE-2023-24430)\n\n - Medium Orka by MacStadium Plugin 1.31 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability. An enumeration of credentials IDs in Orka by MacStadium Plugin 1.32 requires Overall/Administer permission. (CVE-2023-24431)\n\n - Medium Orka by MacStadium Plugin 1.31 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Additionally, these HTTP endpoints do not require POST requests, resulting in a cross- site request forgery (CSRF) vulnerability. Orka by MacStadium Plugin 1.32 requires POST requests and Overall/Administer permission for the affected HTTP endpoints. (CVE-2023-24432, CVE-2023-24433)\n\n - Medium GitHub Pull Request Builder Plugin 1.42.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability. As of publication of this advisory, there is no fix. Learn why we announce this.\n (CVE-2023-24436)\n\n - Medium GitHub Pull Request Builder Plugin 1.42.2 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Additionally, these form validation methods do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24434, CVE-2023-24435)\n\n - Medium JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Additionally, these form validation methods do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24437, CVE-2023-24438)\n\n - Low JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private key unencrypted in its global configuration file org.thoughtslive.jenkins.plugins.jira.JiraStepsConfig.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to the Jenkins controller file system. Additionally, the global configuration form does not mask the API key, increasing the potential for attackers to observe and capture it. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24439, CVE-2023-24440)\n\n - Medium MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to control the contents of the report file for the 'Publish MSTest test result report' post-build step to have agent processes parse a crafted file that uses external entities for extraction of secrets from the Jenkins agent or server-side request forgery. Because Jenkins agent processes usually execute build tools whose input (source code, build scripts, etc.) is controlled externally, this vulnerability only has a real impact in very narrow circumstances: when attackers can control XML files, but are unable to change build steps, Jenkinsfiles, test code that gets executed on the agents, or similar. As of publication of this advisory, there is no fix. Learn why we announce this.\n (CVE-2023-24441)\n\n - Low GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file com.github.terma.jenkins.githubprcoveragestatus.Configuration.xml on the Jenkins controller as part of its configuration. These credentials can be viewed by users with access to the Jenkins controller file system.\n As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24442)\n\n - High Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the existing session on login.\n This allows attackers to use social engineering techniques to gain administrator access to Jenkins. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24456)\n\n - Medium Keycloak Authentication Plugin 2.3.0 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability allows attackers to trick users into logging in to the attacker's account. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24457)\n\n - High TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to control the zip archive input file for the 'TestComplete Test' build step to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24443)\n\n - High OpenID Plugin 2.4 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24444)\n\n - Medium OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins. This allows attackers to perform phishing attacks by having users go to a Jenkins URL that will forward them to a different site after successful authentication. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24445)\n\n - Medium OpenID Plugin 2.4 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability allows attackers to trick users into logging in to the attacker's account. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24446)\n\n - Medium RabbitMQ Consumer Plugin 2.8 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified AMQP server using attacker-specified username and password. Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability. As of publication of this advisory, there is no fix. Learn why we announce this.\n (CVE-2023-24447, CVE-2023-24448)\n\n - Medium PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation. This allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24449)\n\n - Medium view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These passwords can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24450)\n\n - Medium Cisco Spark Notifier Plugin 1.1.1 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability. As of publication of this advisory, there is no fix. Learn why we announce this.\n (CVE-2023-24451)\n\n - Medium BearyChat Plugin 3.0.2 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL. Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24458, CVE-2023-24459)\n\n - Medium TestQuality Updater Plugin 1.3 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24452, CVE-2023-24453)\n\n - Low TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file com.testquality.jenkins.TestQualityNotifier.xml on the Jenkins controller as part of its configuration. This password can be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24454)\n\n - Medium visualexpert Plugin 1.3 and earlier does not restrict the names of files in methods implementing form validation. This allows attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24455)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2023-02-27T00:00:00", "modified": "2023-07-28T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/171929", "reporter": "This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24437", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24445", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24424", "https://jenkins.io/security/advisory/2023-01-24", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24423", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24447", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24451", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24428", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24443", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24436", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24425", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24427", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24422", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24439", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24429", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24431", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24444", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24457", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24433", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24440", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24450", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24430", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24448", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24459", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24438", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24452", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24426", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24432", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24441", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24446", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24454", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24458", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24442", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24456", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24453", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24455", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24434", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24435", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24449"], "cvelist": ["CVE-2023-24422", "CVE-2023-24423", "CVE-2023-24424", "CVE-2023-24425", "CVE-2023-24426", "CVE-2023-24427", "CVE-2023-24428", "CVE-2023-24429", "CVE-2023-24430", "CVE-2023-24431", "CVE-2023-24432", "CVE-2023-24433", "CVE-2023-24434", "CVE-2023-24435", "CVE-2023-24436", "CVE-2023-24437", "CVE-2023-24438", "CVE-2023-24439", "CVE-2023-24440", "CVE-2023-24441", "CVE-2023-24442", "CVE-2023-24443", "CVE-2023-24444", "CVE-2023-24445", "CVE-2023-24446", "CVE-2023-24447", "CVE-2023-24448", "CVE-2023-24449", "CVE-2023-24450", "CVE-2023-24451", "CVE-2023-24452", "CVE-2023-24453", "CVE-2023-24454", "CVE-2023-24455", "CVE-2023-24456", "CVE-2023-24457", "CVE-2023-24458", "CVE-2023-24459"], "immutableFields": [], "lastseen": "2023-07-28T13:12:51", "viewCount": 46, "enchantments": {"dependencies": {"references": [{"type": "alpinelinux", "idList": ["ALPINE:CVE-2023-24422", "ALPINE:CVE-2023-24426", "ALPINE:CVE-2023-24458", "ALPINE:CVE-2023-24459"]}, {"type": "cve", "idList": ["CVE-2023-24422", "CVE-2023-24423", "CVE-2023-24424", "CVE-2023-24425", "CVE-2023-24426", "CVE-2023-24427", "CVE-2023-24428", "CVE-2023-24429", "CVE-2023-24430", "CVE-2023-24431", "CVE-2023-24432", "CVE-2023-24433", "CVE-2023-24434", "CVE-2023-24435", "CVE-2023-24436", "CVE-2023-24437", "CVE-2023-24438", "CVE-2023-24439", "CVE-2023-24440", "CVE-2023-24441", "CVE-2023-24442", "CVE-2023-24443", "CVE-2023-24444", "CVE-2023-24445", "CVE-2023-24446", "CVE-2023-24447", "CVE-2023-24448", "CVE-2023-24449", "CVE-2023-24450", "CVE-2023-24451", "CVE-2023-24452", "CVE-2023-24453", "CVE-2023-24454", "CVE-2023-24455", "CVE-2023-24456", "CVE-2023-24457", "CVE-2023-24458", "CVE-2023-24459"]}, {"type": "github", "idList": ["GHSA-2JPX-H8J2-G8M4", "GHSA-3G2G-RCM6-RRQ2", "GHSA-3PPR-72X5-X67Q", "GHSA-4X65-4FJX-R7M6", "GHSA-5XHH-6XFV-7Q42", "GHSA-5XPC-C4XV-7W62", "GHSA-67W4-W877-JV29", "GHSA-685J-36QX-3VP2", "GHSA-6HW7-X86V-WRGF", "GHSA-6J27-3XFW-CJ2W", "GHSA-76QJ-9GWH-PVV3", "GHSA-87RH-WC85-XQVC", "GHSA-8MMH-H4JH-2G34", "GHSA-939X-6MWJ-96R2", "GHSA-95JQ-24CR-PGRQ", "GHSA-96JV-C7M6-Q43G", "GHSA-98QC-V8VG-MCX4", "GHSA-9963-GMH8-VVM6", "GHSA-9JWH-QVG7-GR59", "GHSA-9WRR-4R9V-26XC", "GHSA-CCF4-9HJC-XXC4", "GHSA-F976-24HC-MJVR", "GHSA-G29V-5PWH-WXX4", "GHSA-G5MJ-C26G-VMPM", "GHSA-GMHF-37FX-C4Q8", "GHSA-H8P8-6378-649P", "GHSA-HCVF-PFRM-JXGF", "GHSA-M6Q8-MWF6-6MMC", "GHSA-MJ62-M63X-MH84", "GHSA-PCC2-W6M8-X5W4", "GHSA-PX2F-CQRF-F2QG", "GHSA-QGJQ-HRHG-F24H", "GHSA-R3GM-JWF4-XGV2", "GHSA-VXMH-P52J-H33M", "GHSA-W4V5-54P8-M4J5", "GHSA-WJ79-9FXJ-J86P", "GHSA-X9Q4-QWFH-9GJQ", "GHSA-XR8H-WJ4V-RX7F"]}, {"type": "nessus", "idList": ["CLOUDBEES-SECURITY-ADVISORY-2023-01-24.NASL"]}, {"type": "osv", "idList": ["OSV:GHSA-2JPX-H8J2-G8M4", "OSV:GHSA-3G2G-RCM6-RRQ2", "OSV:GHSA-3PPR-72X5-X67Q", "OSV:GHSA-4X65-4FJX-R7M6", "OSV:GHSA-5XHH-6XFV-7Q42", "OSV:GHSA-5XPC-C4XV-7W62", "OSV:GHSA-67W4-W877-JV29", "OSV:GHSA-685J-36QX-3VP2", "OSV:GHSA-6HW7-X86V-WRGF", "OSV:GHSA-6J27-3XFW-CJ2W", "OSV:GHSA-76QJ-9GWH-PVV3", "OSV:GHSA-87RH-WC85-XQVC", "OSV:GHSA-8MMH-H4JH-2G34", "OSV:GHSA-939X-6MWJ-96R2", "OSV:GHSA-95JQ-24CR-PGRQ", "OSV:GHSA-96JV-C7M6-Q43G", "OSV:GHSA-98QC-V8VG-MCX4", "OSV:GHSA-9963-GMH8-VVM6", "OSV:GHSA-9JWH-QVG7-GR59", "OSV:GHSA-9WRR-4R9V-26XC", "OSV:GHSA-CCF4-9HJC-XXC4", "OSV:GHSA-F976-24HC-MJVR", "OSV:GHSA-G29V-5PWH-WXX4", "OSV:GHSA-G5MJ-C26G-VMPM", "OSV:GHSA-GMHF-37FX-C4Q8", "OSV:GHSA-H8P8-6378-649P", "OSV:GHSA-HCVF-PFRM-JXGF", "OSV:GHSA-M6Q8-MWF6-6MMC", "OSV:GHSA-MJ62-M63X-MH84", "OSV:GHSA-PCC2-W6M8-X5W4", "OSV:GHSA-PX2F-CQRF-F2QG", "OSV:GHSA-QGJQ-HRHG-F24H", "OSV:GHSA-R3GM-JWF4-XGV2", "OSV:GHSA-VXMH-P52J-H33M", "OSV:GHSA-W4V5-54P8-M4J5", "OSV:GHSA-WJ79-9FXJ-J86P", "OSV:GHSA-X9Q4-QWFH-9GJQ", "OSV:GHSA-XR8H-WJ4V-RX7F"]}, {"type": "redhat", "idList": ["RHSA-2023:1655", "RHSA-2023:1656", "RHSA-2023:3195", "RHSA-2023:3198", "RHSA-2023:3296", "RHSA-2023:3299", "RHSA-2023:3610"]}, {"type": "redhatcve", "idList": ["RH:CVE-2023-24422"]}]}, "score": {"value": 8.7, "vector": "NONE"}, "epss": [{"cve": "CVE-2023-24422", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2023-24423", "epss": 0.00048, "percentile": 0.14885, "modified": "2023-05-02"}, {"cve": "CVE-2023-24424", "epss": 0.00091, "percentile": 0.37666, "modified": "2023-05-02"}, {"cve": "CVE-2023-24425", "epss": 0.00049, "percentile": 0.15309, "modified": "2023-05-02"}, {"cve": "CVE-2023-24426", "epss": 0.00091, "percentile": 0.37666, "modified": "2023-05-02"}, {"cve": "CVE-2023-24427", "epss": 0.00091, "percentile": 0.37666, "modified": "2023-05-02"}, {"cve": "CVE-2023-24428", "epss": 0.00046, "percentile": 0.12774, "modified": "2023-05-02"}, {"cve": "CVE-2023-24429", "epss": 0.00134, "percentile": 0.47225, "modified": "2023-05-02"}, {"cve": "CVE-2023-24430", "epss": 0.00091, "percentile": 0.37666, "modified": "2023-05-02"}, {"cve": "CVE-2023-24431", "epss": 0.00044, "percentile": 0.11005, "modified": "2023-05-02"}, {"cve": "CVE-2023-24432", "epss": 0.00058, "percentile": 0.21892, "modified": "2023-05-02"}, {"cve": "CVE-2023-24433", "epss": 0.00049, "percentile": 0.15309, "modified": "2023-05-02"}, {"cve": "CVE-2023-24434", "epss": 0.00058, "percentile": 0.21892, "modified": "2023-05-02"}, {"cve": "CVE-2023-24435", "epss": 0.00049, "percentile": 0.15309, "modified": "2023-05-02"}, {"cve": "CVE-2023-24436", "epss": 0.00044, "percentile": 0.11005, "modified": "2023-05-02"}, {"cve": "CVE-2023-24437", "epss": 0.00058, "percentile": 0.21892, "modified": "2023-05-02"}, {"cve": "CVE-2023-24438", "epss": 0.00049, "percentile": 0.15309, "modified": "2023-05-02"}, {"cve": "CVE-2023-24439", "epss": 0.00043, "percentile": 0.07019, "modified": "2023-05-02"}, {"cve": "CVE-2023-24440", "epss": 0.00043, "percentile": 0.07019, "modified": "2023-05-02"}, {"cve": "CVE-2023-24441", "epss": 0.00091, "percentile": 0.37666, "modified": "2023-05-02"}, {"cve": "CVE-2023-24442", "epss": 0.00043, "percentile": 0.07019, "modified": "2023-05-02"}, {"cve": "CVE-2023-24443", "epss": 0.00091, "percentile": 0.37666, "modified": "2023-05-02"}, {"cve": "CVE-2023-24444", "epss": 0.00091, "percentile": 0.37666, "modified": "2023-05-02"}, {"cve": "CVE-2023-24445", "epss": 0.00046, "percentile": 0.13987, "modified": "2023-05-02"}, {"cve": "CVE-2023-24446", "epss": 0.00058, "percentile": 0.21892, "modified": "2023-05-02"}, {"cve": "CVE-2023-24447", "epss": 0.00058, "percentile": 0.21892, "modified": "2023-05-02"}, {"cve": "CVE-2023-24448", "epss": 0.00046, "percentile": 0.12774, "modified": "2023-05-02"}, {"cve": "CVE-2023-24449", "epss": 0.00046, "percentile": 0.12923, "modified": "2023-05-02"}, {"cve": "CVE-2023-24450", "epss": 0.00049, "percentile": 0.15309, "modified": "2023-05-02"}, {"cve": "CVE-2023-24451", "epss": 0.00044, "percentile": 0.11005, "modified": "2023-05-02"}, {"cve": "CVE-2023-24452", "epss": 0.00058, "percentile": 0.21892, "modified": "2023-05-02"}, {"cve": "CVE-2023-24453", "epss": 0.00046, "percentile": 0.12774, "modified": "2023-05-02"}, {"cve": "CVE-2023-24454", "epss": 0.00043, "percentile": 0.07019, "modified": "2023-05-02"}, {"cve": "CVE-2023-24455", "epss": 0.00046, "percentile": 0.12923, "modified": "2023-05-02"}, {"cve": "CVE-2023-24456", "epss": 0.00091, "percentile": 0.37666, "modified": "2023-05-02"}, {"cve": "CVE-2023-24457", "epss": 0.00048, "percentile": 0.14885, "modified": "2023-05-02"}, {"cve": "CVE-2023-24458", "epss": 0.00058, "percentile": 0.21892, "modified": "2023-05-02"}, {"cve": "CVE-2023-24459", "epss": 0.00046, "percentile": 0.12774, "modified": "2023-05-02"}], "vulnersScore": 8.7}, "_state": {"dependencies": 1690550073, "score": 1690550253, "epss": 0}, "_internal": {"score_hash": "e134b1dda7c37aa747c61a236b31b81b"}, "pluginID": "171929", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(171929);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/28\");\n\n script_cve_id(\n \"CVE-2023-24422\",\n \"CVE-2023-24423\",\n \"CVE-2023-24424\",\n \"CVE-2023-24425\",\n \"CVE-2023-24426\",\n \"CVE-2023-24427\",\n \"CVE-2023-24428\",\n \"CVE-2023-24429\",\n \"CVE-2023-24430\",\n \"CVE-2023-24431\",\n \"CVE-2023-24432\",\n \"CVE-2023-24433\",\n \"CVE-2023-24434\",\n \"CVE-2023-24435\",\n \"CVE-2023-24436\",\n \"CVE-2023-24437\",\n \"CVE-2023-24438\",\n \"CVE-2023-24439\",\n \"CVE-2023-24440\",\n \"CVE-2023-24441\",\n \"CVE-2023-24442\",\n \"CVE-2023-24443\",\n \"CVE-2023-24444\",\n \"CVE-2023-24445\",\n \"CVE-2023-24446\",\n \"CVE-2023-24447\",\n \"CVE-2023-24448\",\n \"CVE-2023-24449\",\n \"CVE-2023-24450\",\n \"CVE-2023-24451\",\n \"CVE-2023-24452\",\n \"CVE-2023-24453\",\n \"CVE-2023-24454\",\n \"CVE-2023-24455\",\n \"CVE-2023-24456\",\n \"CVE-2023-24457\",\n \"CVE-2023-24458\",\n \"CVE-2023-24459\"\n );\n\n script_name(english:\"Jenkins plugins Multiple Vulnerabilities (2023-01-24)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on a remote web server host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are\naffected by multiple vulnerabilities:\n\n - High Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts,\n including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script\n are intercepted, and various allowlists are checked to determine whether the call is to be allowed. In\n Script Security Plugin 1228.vd93135a_2fb_25 and earlier, property assignments performed implicitly by the\n Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This\n vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines,\n to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.\n Script Security Plugin 1229.v4880b_b_e905a_6 intercepts property assignments when invoking map\n constructors. As part of this fix, map constructors may only be invoked in the sandbox using the new key.\n Attempting to invoke a map constructor using a Groovy cast will fail unconditionally. For example, code\n such as [key: value] as MyClass or MyClass mc = [key: value] must be converted to use new MyClass(key:\n value) instead. (CVE-2023-24422)\n\n - Medium Gerrit Trigger Plugin 2.38.0 and earlier does not require POST requests for several HTTP endpoints,\n resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to\n rebuild previous builds triggered by Gerrit. Gerrit Trigger Plugin 2.38.1 requires POST requests for the\n affected HTTP endpoints. (CVE-2023-24423)\n\n - High OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the existing session on\n login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins.\n OpenId Connect Authentication Plugin 2.5 invalidates the existing session on login. (CVE-2023-24424)\n\n - Medium Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate\n context for Kubernetes credentials lookup, allowing the use of System-scoped credentials otherwise\n reserved for the global configuration. This allows attackers with Item/Configure permission to access and\n potentially capture Kubernetes credentials they are not entitled to. Kubernetes Credentials Provider\n Plugin 1.209.v862c6e5fb_1ef defines the appropriate context for Kubernetes credentials lookup.\n (CVE-2023-24425)\n\n - High Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the existing session on login.\n This allows attackers to use social engineering techniques to gain administrator access to Jenkins. Azure\n AD Plugin 306.va_7083923fd50 invalidates the existing session on login. (CVE-2023-24426)\n\n - High Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the existing session on login. This\n allows attackers to use social engineering techniques to gain administrator access to Jenkins. Bitbucket\n OAuth Plugin 0.13 invalidates the existing session on login. (CVE-2023-24427)\n\n - Medium Bitbucket OAuth Plugin 0.12 and earlier does not implement a state parameter in its OAuth flow, a\n unique and non-guessable value associated with each authentication request. This vulnerability allows\n attackers to trick users into logging in to the attacker's account. Bitbucket OAuth Plugin 0.13 implements\n a state parameter in its OAuth flow. (CVE-2023-24428)\n\n - High Semantic Versioning Plugin defines a controller/agent message that processes a given file as XML and\n its XML parser is not configured to prevent XML external entity (XXE) attacks. Semantic Versioning Plugin\n 1.14 and earlier does not restrict execution of the controller/agent message to agents, and implements no\n limitations about the file path that can be parsed. This allows attackers able to control agent processes\n to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the\n Jenkins controller or server-side request forgery. This is due to an incomplete fix of SECURITY-2124. This\n vulnerability is only exploitable in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. See the LTS\n upgrade guide. Semantic Versioning Plugin 1.15 does not allow the affected controller/agent message to be\n submitted by agents for execution on the controller. (CVE-2023-24429)\n\n - Medium Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML\n external entity (XXE) attacks. This allows attackers able to control the contents of the version file for\n the 'Determine Semantic Version' build step to have agent processes parse a crafted file that uses\n external entities for extraction of secrets from the Jenkins agent or server-side request forgery. Because\n Jenkins agent processes usually execute build tools whose input (source code, build scripts, etc.) is\n controlled externally, this vulnerability only has a real impact in very narrow circumstances: when\n attackers can control XML files, but are unable to change build steps, Jenkinsfiles, test code that gets\n executed on the agents, or similar. Semantic Versioning Plugin 1.15 disables external entity resolution\n for its XML parser. (CVE-2023-24430)\n\n - Medium Orka by MacStadium Plugin 1.31 and earlier does not perform permission checks in several HTTP\n endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials\n stored in Jenkins. Those can be used as part of an attack to capture the credentials using another\n vulnerability. An enumeration of credentials IDs in Orka by MacStadium Plugin 1.32 requires\n Overall/Administer permission. (CVE-2023-24431)\n\n - Medium Orka by MacStadium Plugin 1.31 and earlier does not perform permission checks in several HTTP\n endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP\n server using attacker-specified credentials IDs obtained through another method, capturing credentials\n stored in Jenkins. Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-\n site request forgery (CSRF) vulnerability. Orka by MacStadium Plugin 1.32 requires POST requests and\n Overall/Administer permission for the affected HTTP endpoints. (CVE-2023-24432, CVE-2023-24433)\n\n - Medium GitHub Pull Request Builder Plugin 1.42.2 and earlier does not perform a permission check in an\n HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of\n credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using\n another vulnerability. As of publication of this advisory, there is no fix. Learn why we announce this.\n (CVE-2023-24436)\n\n - Medium GitHub Pull Request Builder Plugin 1.42.2 and earlier does not perform permission checks in methods\n implementing form validation. This allows attackers with Overall/Read permission to connect to an\n attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing\n credentials stored in Jenkins. Additionally, these form validation methods do not require POST requests,\n resulting in a cross-site request forgery (CSRF) vulnerability. As of publication of this advisory, there\n is no fix. Learn why we announce this. (CVE-2023-24434, CVE-2023-24435)\n\n - Medium JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier does not perform permission checks in\n methods implementing form validation. This allows attackers with Overall/Read permission to connect to an\n attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing\n credentials stored in Jenkins. Additionally, these form validation methods do not require POST requests,\n resulting in a cross-site request forgery (CSRF) vulnerability. As of publication of this advisory, there\n is no fix. Learn why we announce this. (CVE-2023-24437, CVE-2023-24438)\n\n - Low JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private key unencrypted in its\n global configuration file org.thoughtslive.jenkins.plugins.jira.JiraStepsConfig.xml on the Jenkins\n controller as part of its configuration. This key can be viewed by users with access to the Jenkins\n controller file system. Additionally, the global configuration form does not mask the API key, increasing\n the potential for attackers to observe and capture it. As of publication of this advisory, there is no\n fix. Learn why we announce this. (CVE-2023-24439, CVE-2023-24440)\n\n - Medium MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity\n (XXE) attacks. This allows attackers able to control the contents of the report file for the 'Publish\n MSTest test result report' post-build step to have agent processes parse a crafted file that uses external\n entities for extraction of secrets from the Jenkins agent or server-side request forgery. Because Jenkins\n agent processes usually execute build tools whose input (source code, build scripts, etc.) is controlled\n externally, this vulnerability only has a real impact in very narrow circumstances: when attackers can\n control XML files, but are unable to change build steps, Jenkinsfiles, test code that gets executed on the\n agents, or similar. As of publication of this advisory, there is no fix. Learn why we announce this.\n (CVE-2023-24441)\n\n - Low GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token,\n Sonar access token and Sonar password unencrypted in its global configuration file\n com.github.terma.jenkins.githubprcoveragestatus.Configuration.xml on the Jenkins controller as part of its\n configuration. These credentials can be viewed by users with access to the Jenkins controller file system.\n As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24442)\n\n - High Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the existing session on login.\n This allows attackers to use social engineering techniques to gain administrator access to Jenkins. As of\n publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24456)\n\n - Medium Keycloak Authentication Plugin 2.3.0 and earlier does not implement a state parameter in its OAuth\n flow, a unique and non-guessable value associated with each authentication request. This vulnerability\n allows attackers to trick users into logging in to the attacker's account. As of publication of this\n advisory, there is no fix. Learn why we announce this. (CVE-2023-24457)\n\n - High TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML\n external entity (XXE) attacks. This allows attackers able to control the zip archive input file for the\n 'TestComplete Test' build step to have Jenkins parse a crafted file that uses external entities for\n extraction of secrets from the Jenkins controller or server-side request forgery. As of publication of\n this advisory, there is no fix. Learn why we announce this. (CVE-2023-24443)\n\n - High OpenID Plugin 2.4 and earlier does not invalidate the existing session on login. This allows\n attackers to use social engineering techniques to gain administrator access to Jenkins. As of publication\n of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24444)\n\n - Medium OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately\n pointing to Jenkins. This allows attackers to perform phishing attacks by having users go to a Jenkins URL\n that will forward them to a different site after successful authentication. As of publication of this\n advisory, there is no fix. Learn why we announce this. (CVE-2023-24445)\n\n - Medium OpenID Plugin 2.4 and earlier does not implement a state parameter in its OAuth flow, a unique and\n non-guessable value associated with each authentication request. This vulnerability allows attackers to\n trick users into logging in to the attacker's account. As of publication of this advisory, there is no\n fix. Learn why we announce this. (CVE-2023-24446)\n\n - Medium RabbitMQ Consumer Plugin 2.8 and earlier does not perform a permission check in a method\n implementing form validation. This allows attackers with Overall/Read permission to connect to an\n attacker-specified AMQP server using attacker-specified username and password. Additionally, this form\n validation method does not require POST requests, resulting in a cross-site request forgery (CSRF)\n vulnerability. As of publication of this advisory, there is no fix. Learn why we announce this.\n (CVE-2023-24447, CVE-2023-24448)\n\n - Medium PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods\n implementing form validation. This allows attackers with Overall/Read permission to check for the\n existence of an attacker-specified file path on the Jenkins controller file system. As of publication of\n this advisory, there is no fix. Learn why we announce this. (CVE-2023-24449)\n\n - Medium view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the\n Jenkins controller as part of its configuration. These passwords can be viewed by users with Item/Extended\n Read permission or access to the Jenkins controller file system. As of publication of this advisory, there\n is no fix. Learn why we announce this. (CVE-2023-24450)\n\n - Medium Cisco Spark Notifier Plugin 1.1.1 and earlier does not perform permission checks in several HTTP\n endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials\n stored in Jenkins. Those can be used as part of an attack to capture the credentials using another\n vulnerability. As of publication of this advisory, there is no fix. Learn why we announce this.\n (CVE-2023-24451)\n\n - Medium BearyChat Plugin 3.0.2 and earlier does not perform a permission check in a method implementing\n form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified\n URL. Additionally, this form validation method does not require POST requests, resulting in a cross-site\n request forgery (CSRF) vulnerability. As of publication of this advisory, there is no fix. Learn why we\n announce this. (CVE-2023-24458, CVE-2023-24459)\n\n - Medium TestQuality Updater Plugin 1.3 and earlier does not perform a permission check in a method\n implementing form validation. This allows attackers with Overall/Read permission to connect to an\n attacker-specified URL using attacker-specified username and password. Additionally, this form validation\n method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability. As\n of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24452,\n CVE-2023-24453)\n\n - Low TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its\n global configuration file com.testquality.jenkins.TestQualityNotifier.xml on the Jenkins controller as\n part of its configuration. This password can be viewed by users with access to the Jenkins controller file\n system. As of publication of this advisory, there is no fix. Learn why we announce this. (CVE-2023-24454)\n\n - Medium visualexpert Plugin 1.3 and earlier does not restrict the names of files in methods implementing\n form validation. This allows attackers with Item/Configure permission to check for the existence of an\n attacker-specified file path on the Jenkins controller file system. As of publication of this advisory,\n there is no fix. Learn why we announce this. (CVE-2023-24455)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jenkins.io/security/advisory/2023-01-24\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update Jenkins plugins to the following versions:\n - Azure AD Plugin to version 306.va_7083923fd50 or later\n - BearyChat Plugin: See vendor advisory\n - Bitbucket OAuth Plugin to version 0.13 or later\n - Cisco Spark Notifier Plugin: See vendor advisory\n - Gerrit Trigger Plugin to version 2.38.1 or later\n - GitHub Pull Request Builder Plugin: See vendor advisory\n - GitHub Pull Request Coverage Status Plugin: See vendor advisory\n - JIRA Pipeline Steps Plugin: See vendor advisory\n - Keycloak Authentication Plugin: See vendor advisory\n - Kubernetes Credentials Provider Plugin to version 1.209.v862c6e5fb_1ef or later\n - MSTest Plugin: See vendor advisory\n - OpenId Connect Authentication Plugin to version 2.5 or later\n - OpenID Plugin: See vendor advisory\n - Orka by MacStadium Plugin to version 1.32 or later\n - PWauth Security Realm Plugin: See vendor advisory\n - RabbitMQ Consumer Plugin: See vendor advisory\n - Script Security Plugin to version 1229.v4880b_b_e905a_6 or later\n - Semantic Versioning Plugin to version 1.15 or later\n - TestComplete support Plugin: See vendor advisory\n - TestQuality Updater Plugin: See vendor advisory\n - view-cloner Plugin: See vendor advisory\n - visualexpert Plugin: See vendor advisory\n\nSee vendor advisory for more details.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2023-24458\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/01/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/02/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cloudbees:jenkins\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:jenkins:jenkins\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jenkins_plugins_detect.nbin\", \"jenkins_win_installed.nbin\", \"jenkins_nix_installed.nbin\", \"macosx_jenkins_installed.nbin\");\n script_require_keys(\"installed_sw/Jenkins\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar constraints = [\n {'max_version' : '303', 'fixed_version' : '306', 'fixed_display' : '306.va_7083923fd50', 'plugin' : 'Azure AD Plugin'},\n {'max_version' : '3.0.2', 'fixed_display' : 'See vendor advisory', 'plugin' : 'BearyChat Plugin'},\n {'max_version' : '0.12', 'fixed_version' : '0.13', 'plugin' : 'Bitbucket OAuth Plugin'},\n {'max_version' : '1.1.1', 'fixed_display' : 'See vendor advisory', 'plugin' : 'Cisco Spark Notifier Plugin'},\n {'max_version' : '2.38.0', 'fixed_version' : '2.38.1', 'plugin' : 'Gerrit Trigger Plugin'},\n {'max_version' : '1.42.2', 'fixed_display' : 'See vendor advisory', 'plugin' : 'GitHub Pull Request Builder Plugin'},\n {'max_version' : '2.2.0', 'fixed_display' : 'See vendor advisory', 'plugin' : 'GitHub Pull Request Coverage Status Plugin'},\n {'max_version' : '2.0.165', 'fixed_display' : 'See vendor advisory', 'plugin' : 'JIRA Pipeline Steps Plugin'},\n {'max_version' : '2.3.0', 'fixed_display' : 'See vendor advisory', 'plugin' : 'Keycloak Authentication Plugin'},\n {'max_version' : '1.208', 'fixed_version' : '1.209', 'fixed_display' : '1.209.v862c6e5fb_1ef', 'plugin' : 'Kubernetes Credentials Provider Plugin'},\n {'max_version' : '1.0.0', 'fixed_display' : 'See vendor advisory', 'plugin' : 'MSTest Plugin'},\n {'max_version' : '2.4', 'fixed_version' : '2.5', 'plugin' : 'OpenId Connect Authentication Plugin'},\n {'max_version' : '2.4', 'fixed_display' : 'See vendor advisory', 'plugin' : 'OpenID Plugin'},\n {'max_version' : '1.31', 'fixed_version' : '1.32', 'plugin' : 'Orka by MacStadium Plugin'},\n {'max_version' : '0.4', 'fixed_display' : 'See vendor advisory', 'plugin' : 'PWauth Security Realm Plugin'},\n {'max_version' : '2.8', 'fixed_display' : 'See vendor advisory', 'plugin' : 'RabbitMQ Consumer Plugin'},\n {'max_version' : '1228', 'fixed_version' : '1229', 'fixed_display' : '1229.v4880b_b_e905a_6', 'plugin' : 'Script Security Plugin'},\n {'max_version' : '1.14', 'fixed_version' : '1.15', 'plugin' : 'Semantic Versioning Plugin'},\n {'max_version' : '2.8.1', 'fixed_display' : 'See vendor advisory', 'plugin' : 'TestComplete support Plugin'},\n {'max_version' : '1.3', 'fixed_display' : 'See vendor advisory', 'plugin' : 'TestQuality Updater Plugin'},\n {'max_version' : '1.1', 'fixed_display' : 'See vendor advisory', 'plugin' : 'view-cloner Plugin'},\n {'max_version' : '1.3', 'fixed_display' : 'See vendor advisory', 'plugin' : 'visualexpert Plugin'}\n];\n\nvar app_info = vcf::jenkins::plugin::get_app_info(plugins:constraints);\n\nvcf::jenkins::plugin::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n flags:{'xsrf':TRUE}\n);\n", "naslFamily": "CGI abuses", "cpe": ["cpe:/a:cloudbees:jenkins", "cpe:/a:jenkins:jenkins"], "solution": "Update Jenkins plugins to the following versions:\n - Azure AD Plugin to version 306.va_7083923fd50 or later\n - BearyChat Plugin: See vendor advisory\n - Bitbucket OAuth Plugin to version 0.13 or later\n - Cisco Spark Notifier Plugin: See vendor advisory\n - Gerrit Trigger Plugin to version 2.38.1 or later\n - GitHub Pull Request Builder Plugin: See vendor advisory\n - GitHub Pull Request Coverage Status Plugin: See vendor advisory\n - JIRA Pipeline Steps Plugin: See vendor advisory\n - Keycloak Authentication Plugin: See vendor advisory\n - Kubernetes Credentials Provider Plugin to version 1.209.v862c6e5fb_1ef or later\n - MSTest Plugin: See vendor advisory\n - OpenId Connect Authentication Plugin to version 2.5 or later\n - OpenID Plugin: See vendor advisory\n - Orka by MacStadium Plugin to version 1.32 or later\n - PWauth Security Realm Plugin: See vendor advisory\n - RabbitMQ Consumer Plugin: See vendor advisory\n - Script Security Plugin to version 1229.v4880b_b_e905a_6 or later\n - Semantic Versioning Plugin to version 1.15 or later\n - TestComplete support Plugin: See vendor advisory\n - TestQuality Updater Plugin: See vendor advisory\n - view-cloner Plugin: See vendor advisory\n - visualexpert Plugin: See vendor advisory\n\nSee vendor advisory for more details.", "nessusSeverity": "Critical", "cvssScoreSource": "CVE-2023-24458", "vendor_cvss2": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2023-01-24T00:00:00", "vulnerabilityPublicationDate": "2023-01-24T00:00:00", "exploitableWith": []}

{"nessus": [{"lastseen": "2023-06-16T13:02:12", "description": "The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.7. It is, therefore, affected by multiple vulnerabilities including the following:\n\n - Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n - CSRF vulnerability in Gerrit Trigger Plugin (CVE-2023-24423)\n\n - Session fixation vulnerability in OpenId Connect Authentication Plugin (CVE-2023-24424)\n\n - Exposure of system-scoped Kubernetes credentials in Kubernetes Credentials Provider Plugin (CVE-2023-24425)\n\n - Session fixation vulnerability in Azure AD Plugin (CVE-2023-24426)\n\n - Session fixation vulnerability in Bitbucket OAuth Plugin (CVE-2023-24427)\n\n - CSRF vulnerability in Bitbucket OAuth Plugin (CVE-2023-24428)\n\n - Agent-to-controller security bypass in Semantic Versioning Plugin (CVE-2023-24429)\n\n - XXE vulnerability on agents in Semantic Versioning Plugin (CVE-2023-24430)\n\n - Missing permission checks in Orka by MacStadium Plugin allow enumerating credentials IDs (CVE-2023-24431)\n\n - CSRF vulnerability and missing permission checks in Orka by MacStadium Plugin allow capturing credentials (CVE-2023-24432, CVE-2023-24433)\n\n - CSRF vulnerability and missing permission checks in GitHub Pull Request Builder Plugin (CVE-2023-24434, CVE-2023-24435)\n\n - Missing permission check in GitHub Pull Request Builder Plugin allows enumerating credentials IDs (CVE-2023-24436)\n\n - CSRF vulnerability and missing permission checks in JIRA Pipeline Steps Plugin (CVE-2023-24437, CVE-2023-24438)\n\n - Keys stored in plain text by JIRA Pipeline Steps Plugin (CVE-2023-24439, CVE-2023-24440)\n\n - XXE vulnerability on agents in MSTest Plugin (CVE-2023-24441)\n\n - Credentials stored in plain text by GitHub Pull Request Coverage Status Plugin (CVE-2023-24442)\n\n - XXE vulnerability in TestComplete support Plugin (CVE-2023-24443)\n\n - Session fixation vulnerability in OpenID Plugin (CVE-2023-24444)\n\n - Open redirect vulnerability in OpenID Plugin (CVE-2023-24445)\n\n - CSRF vulnerability in OpenID Plugin (CVE-2023-24446)\n\n - CSRF vulnerability and missing permission check in RabbitMQ Consumer Plugin (CVE-2023-24447, CVE-2023-24448)\n\n - Path traversal vulnerability in PWauth Security Realm Plugin (CVE-2023-24449)\n\n - Passwords stored in plain text by view-cloner Plugin (CVE-2023-24450)\n\n - Missing permission checks in Cisco Spark Notifier Plugin allow enumerating credentials IDs (CVE-2023-24451)\n\n - CSRF vulnerability and missing permission check in TestQuality Updater Plugin (CVE-2023-24452, CVE-2023-24453)\n\n - Password stored in plain text by TestQuality Updater Plugin (CVE-2023-24454)\n\n - Path traversal vulnerability in visualexpert Plugin (CVE-2023-24455)\n\n - Session fixation vulnerability in Keycloak Authentication Plugin (CVE-2023-24456)\n\n - CSRF vulnerability in Keycloak Authentication Plugin (CVE-2023-24457)\n\n - CSRF vulnerability and missing permission check in BearyChat Plugin (CVE-2023-24458, CVE-2023-24459)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-24T00:00:00", "type": "nessus", "title": "Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.7 Multiple Vulnerabilities (CloudBees Security Advisory 2023-01-24)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2023-24422", "CVE-2023-24423", "CVE-2023-24424", "CVE-2023-24425", "CVE-2023-24426", "CVE-2023-24427", "CVE-2023-24428", "CVE-2023-24429", "CVE-2023-24430", "CVE-2023-24431", "CVE-2023-24432", "CVE-2023-24433", "CVE-2023-24434", "CVE-2023-24435", "CVE-2023-24436", "CVE-2023-24437", "CVE-2023-24438", "CVE-2023-24439", "CVE-2023-24440", "CVE-2023-24441", "CVE-2023-24442", "CVE-2023-24443", "CVE-2023-24444", "CVE-2023-24445", "CVE-2023-24446", "CVE-2023-24447", "CVE-2023-24448", "CVE-2023-24449", "CVE-2023-24450", "CVE-2023-24451", "CVE-2023-24452", "CVE-2023-24453", "CVE-2023-24454", "CVE-2023-24455", "CVE-2023-24456", "CVE-2023-24457", "CVE-2023-24458", "CVE-2023-24459"], "modified": "2023-02-03T00:00:00", "cpe": ["cpe:/a:cloudbees:jenkins"], "id": "CLOUDBEES-SECURITY-ADVISORY-2023-01-24.NASL", "href": "https://www.tenable.com/plugins/nessus/170555", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170555);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2023-24422\",\n \"CVE-2023-24423\",\n \"CVE-2023-24424\",\n \"CVE-2023-24425\",\n \"CVE-2023-24426\",\n \"CVE-2023-24427\",\n \"CVE-2023-24428\",\n \"CVE-2023-24429\",\n \"CVE-2023-24430\",\n \"CVE-2023-24431\",\n \"CVE-2023-24432\",\n \"CVE-2023-24433\",\n \"CVE-2023-24434\",\n \"CVE-2023-24435\",\n \"CVE-2023-24436\",\n \"CVE-2023-24437\",\n \"CVE-2023-24438\",\n \"CVE-2023-24439\",\n \"CVE-2023-24440\",\n \"CVE-2023-24441\",\n \"CVE-2023-24442\",\n \"CVE-2023-24443\",\n \"CVE-2023-24444\",\n \"CVE-2023-24445\",\n \"CVE-2023-24446\",\n \"CVE-2023-24447\",\n \"CVE-2023-24448\",\n \"CVE-2023-24449\",\n \"CVE-2023-24450\",\n \"CVE-2023-24451\",\n \"CVE-2023-24452\",\n \"CVE-2023-24453\",\n \"CVE-2023-24454\",\n \"CVE-2023-24455\",\n \"CVE-2023-24456\",\n \"CVE-2023-24457\",\n \"CVE-2023-24458\",\n \"CVE-2023-24459\"\n );\n\n script_name(english:\"Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.7 Multiple Vulnerabilities (CloudBees Security Advisory 2023-01-24)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A job scheduling and management system hosted on the remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to\n2.346.40.0.7. It is, therefore, affected by multiple vulnerabilities including the following:\n\n - Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n - CSRF vulnerability in Gerrit Trigger Plugin (CVE-2023-24423)\n\n - Session fixation vulnerability in OpenId Connect Authentication Plugin (CVE-2023-24424)\n\n - Exposure of system-scoped Kubernetes credentials in Kubernetes Credentials Provider Plugin\n (CVE-2023-24425)\n\n - Session fixation vulnerability in Azure AD Plugin (CVE-2023-24426)\n\n - Session fixation vulnerability in Bitbucket OAuth Plugin (CVE-2023-24427)\n\n - CSRF vulnerability in Bitbucket OAuth Plugin (CVE-2023-24428)\n\n - Agent-to-controller security bypass in Semantic Versioning Plugin (CVE-2023-24429)\n\n - XXE vulnerability on agents in Semantic Versioning Plugin (CVE-2023-24430)\n\n - Missing permission checks in Orka by MacStadium Plugin allow enumerating credentials IDs (CVE-2023-24431)\n\n - CSRF vulnerability and missing permission checks in Orka by MacStadium Plugin allow capturing credentials\n (CVE-2023-24432, CVE-2023-24433)\n\n - CSRF vulnerability and missing permission checks in GitHub Pull Request Builder Plugin (CVE-2023-24434,\n CVE-2023-24435)\n\n - Missing permission check in GitHub Pull Request Builder Plugin allows enumerating credentials IDs\n (CVE-2023-24436)\n\n - CSRF vulnerability and missing permission checks in JIRA Pipeline Steps Plugin (CVE-2023-24437,\n CVE-2023-24438)\n\n - Keys stored in plain text by JIRA Pipeline Steps Plugin (CVE-2023-24439, CVE-2023-24440)\n\n - XXE vulnerability on agents in MSTest Plugin (CVE-2023-24441)\n\n - Credentials stored in plain text by GitHub Pull Request Coverage Status Plugin (CVE-2023-24442)\n\n - XXE vulnerability in TestComplete support Plugin (CVE-2023-24443)\n\n - Session fixation vulnerability in OpenID Plugin (CVE-2023-24444)\n\n - Open redirect vulnerability in OpenID Plugin (CVE-2023-24445)\n\n - CSRF vulnerability in OpenID Plugin (CVE-2023-24446)\n\n - CSRF vulnerability and missing permission check in RabbitMQ Consumer Plugin (CVE-2023-24447,\n CVE-2023-24448)\n\n - Path traversal vulnerability in PWauth Security Realm Plugin (CVE-2023-24449)\n\n - Passwords stored in plain text by view-cloner Plugin (CVE-2023-24450)\n\n - Missing permission checks in Cisco Spark Notifier Plugin allow enumerating credentials IDs\n (CVE-2023-24451)\n\n - CSRF vulnerability and missing permission check in TestQuality Updater Plugin (CVE-2023-24452,\n CVE-2023-24453)\n\n - Password stored in plain text by TestQuality Updater Plugin (CVE-2023-24454)\n\n - Path traversal vulnerability in visualexpert Plugin (CVE-2023-24455)\n\n - Session fixation vulnerability in Keycloak Authentication Plugin (CVE-2023-24456)\n\n - CSRF vulnerability in Keycloak Authentication Plugin (CVE-2023-24457)\n\n - CSRF vulnerability and missing permission check in BearyChat Plugin (CVE-2023-24458, CVE-2023-24459)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.cloudbees.com/security-advisories/cloudbees-security-advisory-2023-01-24\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?01c53c96\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade Jenkins Enterprise or Jenkins Operations Center to version 2.346.40.0.7 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2023-24458\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2023-24456\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/01/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cloudbees:jenkins\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jenkins_detect.nasl\", \"jenkins_win_installed.nbin\", \"jenkins_nix_installed.nbin\", \"macosx_jenkins_installed.nbin\");\n script_require_keys(\"installed_sw/Jenkins\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar app_info = vcf::combined_get_app_info(app:'Jenkins');\n\nvar constraints = [\n {\n 'min_version' : '2.346',\n 'fixed_version' :'2.346.40.0.7',\n 'edition' : make_list('Enterprise', 'Operations Center')\n }\n];\n\nvcf::jenkins::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n flags:{'xsrf':TRUE}\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "osv": [{"lastseen": "2023-04-11T01:42:56", "description": "Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Plaintext storage of Access Token in Jenkins GitHub Pull Request Coverage Status Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24442"], "modified": "2023-04-11T01:42:52", "id": "OSV:GHSA-4X65-4FJX-R7M6", "href": "https://osv.dev/vulnerability/GHSA-4x65-4fjx-r7m6", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:39:35", "description": "Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Path traversal vulnerability in Jenkins PWauth Security Realm Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24449"], "modified": "2023-04-11T01:39:30", "id": "OSV:GHSA-5XPC-C4XV-7W62", "href": "https://osv.dev/vulnerability/GHSA-5xpc-c4xv-7w62", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:38:32", "description": "Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "XML Entity Expansion in Jenkins TestComplete support Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24443"], "modified": "2023-04-11T01:38:30", "id": "OSV:GHSA-G5MJ-C26G-VMPM", "href": "https://osv.dev/vulnerability/GHSA-g5mj-c26g-vmpm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-28T05:20:23", "description": "Jenkins Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Kubernetes credentials they are not entitled to.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Exposure of system-scoped Kubernetes credentials in Jenkins Kubernetes Credentials Provider Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24425"], "modified": "2023-03-28T05:20:20", "id": "OSV:GHSA-2JPX-H8J2-G8M4", "href": "https://osv.dev/vulnerability/GHSA-2jpx-h8j2-g8m4", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:33:22", "description": "Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24424"], "modified": "2023-04-11T01:32:43", "id": "OSV:GHSA-VXMH-P52J-H33M", "href": "https://osv.dev/vulnerability/GHSA-vxmh-p52j-h33m", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-28T05:48:06", "description": "Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Open redirect vulnerability in Jenkins OpenID Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24445"], "modified": "2023-03-28T05:48:02", "id": "OSV:GHSA-MJ62-M63X-MH84", "href": "https://osv.dev/vulnerability/GHSA-mj62-m63x-mh84", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-28T05:23:24", "description": "A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Missing permission checks in Jenkins Orka Plugin allow enumerating credentials IDs ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24431"], "modified": "2023-03-28T05:23:21", "id": "OSV:GHSA-87RH-WC85-XQVC", "href": "https://osv.dev/vulnerability/GHSA-87rh-wc85-xqvc", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-28T05:41:52", "description": "Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24429"], "modified": "2023-03-28T05:41:50", "id": "OSV:GHSA-PCC2-W6M8-X5W4", "href": "https://osv.dev/vulnerability/GHSA-pcc2-w6m8-x5w4", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:40:49", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:17", "type": "osv", "title": "Cross-site request forgery vulnerability in Jenkins BearyChat Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24458"], "modified": "2023-04-11T01:40:47", "id": "OSV:GHSA-5XHH-6XFV-7Q42", "href": "https://osv.dev/vulnerability/GHSA-5xhh-6xfv-7q42", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-28T05:44:56", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Cross-site request forgery vulnerability in Jenkins OpenID Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24446"], "modified": "2023-03-28T05:44:51", "id": "OSV:GHSA-96JV-C7M6-Q43G", "href": "https://osv.dev/vulnerability/GHSA-96jv-c7m6-q43g", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-19T20:01:43", "description": "Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "XML external entity vulnerability on agents in Jenkins MSTest Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24441"], "modified": "2023-06-19T20:01:20", "id": "OSV:GHSA-3PPR-72X5-X67Q", "href": "https://osv.dev/vulnerability/GHSA-3ppr-72x5-x67q", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-11T01:45:34", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Cross-site request forgery vulnerability in Jenkins Bitbucket OAuth Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24428"], "modified": "2023-04-11T01:45:31", "id": "OSV:GHSA-685J-36QX-3VP2", "href": "https://osv.dev/vulnerability/GHSA-685j-36qx-3vp2", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:38:48", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Cross-site request forgery in Jenkins Gerrit Trigger Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24423"], "modified": "2023-04-11T01:38:46", "id": "OSV:GHSA-95JQ-24CR-PGRQ", "href": "https://osv.dev/vulnerability/GHSA-95jq-24cr-pgrq", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:44:11", "description": "Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Cleartext Transmission of Sensitive Information in Jenkins JIRA Pipeline Steps Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24440"], "modified": "2023-04-11T01:44:08", "id": "OSV:GHSA-3G2G-RCM6-RRQ2", "href": "https://osv.dev/vulnerability/GHSA-3g2g-rcm6-rrq2", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-28T05:43:10", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Cross-site request forgery vulnerability in Jenkins RabbitMQ Consumer Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24447"], "modified": "2023-03-28T05:43:07", "id": "OSV:GHSA-WJ79-9FXJ-J86P", "href": "https://osv.dev/vulnerability/GHSA-wj79-9fxj-j86p", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:38:29", "description": "A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Missing permissions check in Jenkins JIRA Pipeline Steps Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24438"], "modified": "2023-04-11T01:38:26", "id": "OSV:GHSA-6J27-3XFW-CJ2W", "href": "https://osv.dev/vulnerability/GHSA-6j27-3xfw-cj2w", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:28:54", "description": "Jenkins OpenID Plugin 2.4 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Session fixation vulnerability in Jenkins OpenID Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24444"], "modified": "2023-04-11T01:28:49", "id": "OSV:GHSA-F976-24HC-MJVR", "href": "https://osv.dev/vulnerability/GHSA-f976-24hc-mjvr", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:30:00", "description": "Jenkins Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Insufficient Session Expiration in Jenkins Azure AD Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24426"], "modified": "2023-04-11T01:29:51", "id": "OSV:GHSA-939X-6MWJ-96R2", "href": "https://osv.dev/vulnerability/GHSA-939x-6mwj-96r2", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:41:21", "description": "Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Session fixation vulnerability in Jenkins Keycloak Authentication Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24456"], "modified": "2023-04-11T01:41:19", "id": "OSV:GHSA-9963-GMH8-VVM6", "href": "https://osv.dev/vulnerability/GHSA-9963-gmh8-vvm6", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:45:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "CSRF vulnerability in Jenkins Orka Plugin allow capturing credentials", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24432"], "modified": "2023-04-11T01:45:10", "id": "OSV:GHSA-9JWH-QVG7-GR59", "href": "https://osv.dev/vulnerability/GHSA-9jwh-qvg7-gr59", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:37:36", "description": "A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-01-26T21:30:19", "type": "osv", "title": "Sandbox bypass in Jenkins Script Security Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24422"], "modified": "2023-04-11T01:37:34", "id": "OSV:GHSA-76QJ-9GWH-PVV3", "href": "https://osv.dev/vulnerability/GHSA-76qj-9gwh-pvv3", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:49:02", "description": "A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Missing permission checks in Jenkins GitHub Pull Request Builder Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24435"], "modified": "2023-04-11T01:48:52", "id": "OSV:GHSA-W4V5-54P8-M4J5", "href": "https://osv.dev/vulnerability/GHSA-w4v5-54p8-m4j5", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:39:53", "description": "Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "XML external entity reference vulnerability on agents in Jenkins Semantic Versioning Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24430"], "modified": "2023-04-11T01:39:49", "id": "OSV:GHSA-H8P8-6378-649P", "href": "https://osv.dev/vulnerability/GHSA-h8p8-6378-649p", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:46:25", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Cross-site request forgery vulnerability in Jenkins JIRA Pipeline Steps Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24437"], "modified": "2023-04-11T01:46:22", "id": "OSV:GHSA-R3GM-JWF4-XGV2", "href": "https://osv.dev/vulnerability/GHSA-r3gm-jwf4-xgv2", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:41:45", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "CSRF vulnerability in Jenkins TestQuality Updater Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24452"], "modified": "2023-04-11T01:41:39", "id": "OSV:GHSA-PX2F-CQRF-F2QG", "href": "https://osv.dev/vulnerability/GHSA-px2f-cqrf-f2qg", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:29:31", "description": "A missing check in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Missing permission check in Jenkins TestQuality Updater Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24453"], "modified": "2023-04-11T01:29:17", "id": "OSV:GHSA-XR8H-WJ4V-RX7F", "href": "https://osv.dev/vulnerability/GHSA-xr8h-wj4v-rx7f", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:40:11", "description": "Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Session fixation vulnerability in Jenkins Bitbucket OAuth Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24427"], "modified": "2023-04-11T01:40:07", "id": "OSV:GHSA-X9Q4-QWFH-9GJQ", "href": "https://osv.dev/vulnerability/GHSA-x9q4-qwfh-9gjq", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:21:48", "description": "Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Passwords stored in plain text by Jenkins view-cloner Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24450"], "modified": "2023-04-11T01:21:45", "id": "OSV:GHSA-6HW7-X86V-WRGF", "href": "https://osv.dev/vulnerability/GHSA-6hw7-x86v-wrgf", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-02T23:23:13", "description": "A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Cisco Spark Notifier Jenkins Plugin contains Missing Authorization", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24451"], "modified": "2023-02-02T23:17:24", "id": "OSV:GHSA-HCVF-PFRM-JXGF", "href": "https://osv.dev/vulnerability/GHSA-hcvf-pfrm-jxgf", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:48:36", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "CSRF vulnerability in Jenkins GitHub Pull Request Builder Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24434"], "modified": "2023-04-11T01:48:31", "id": "OSV:GHSA-M6Q8-MWF6-6MMC", "href": "https://osv.dev/vulnerability/GHSA-m6q8-mwf6-6mmc", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:34:58", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:17", "type": "osv", "title": "CSRF vulnerability in Jenkins Keycloak Authentication Plugin ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24457"], "modified": "2023-04-11T01:34:54", "id": "OSV:GHSA-9WRR-4R9V-26XC", "href": "https://osv.dev/vulnerability/GHSA-9wrr-4r9v-26xc", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-30T05:31:01", "description": "A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Missing permission check in Jenkins GitHub Pull Request Builder Plugin allows enumerating credentials IDs", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24436"], "modified": "2023-03-30T05:30:59", "id": "OSV:GHSA-CCF4-9HJC-XXC4", "href": "https://osv.dev/vulnerability/GHSA-ccf4-9hjc-xxc4", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:36:31", "description": "Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Missing permission checks in Jenkins Orka Plugin allow capturing credentials", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24433"], "modified": "2023-04-11T01:36:27", "id": "OSV:GHSA-GMHF-37FX-C4Q8", "href": "https://osv.dev/vulnerability/GHSA-gmhf-37fx-c4q8", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-28T05:41:52", "description": "Jenkins visualexpert Plugin 1.3 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Path Traversal in Jenkins visualexpert Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24455"], "modified": "2023-03-28T05:41:39", "id": "OSV:GHSA-8MMH-H4JH-2G34", "href": "https://osv.dev/vulnerability/GHSA-8mmh-h4jh-2g34", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:40:50", "description": "Jenkins TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Plaintext Storage of a Password in Jenkins TestQuality Updater Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24454"], "modified": "2023-04-11T01:40:48", "id": "OSV:GHSA-98QC-V8VG-MCX4", "href": "https://osv.dev/vulnerability/GHSA-98qc-v8vg-mcx4", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:49:12", "description": "A missing permission check in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:17", "type": "osv", "title": "Missing permission check in Jenkins BearyChat Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24459"], "modified": "2023-04-11T01:49:10", "id": "OSV:GHSA-67W4-W877-JV29", "href": "https://osv.dev/vulnerability/GHSA-67w4-w877-jv29", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:24:54", "description": "Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private keys unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Plaintext Storage of a Password in Jenkins JIRA Pipeline Steps Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24439"], "modified": "2023-04-11T01:24:48", "id": "OSV:GHSA-G29V-5PWH-WXX4", "href": "https://osv.dev/vulnerability/GHSA-g29v-5pwh-wxx4", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-11T01:37:05", "description": "A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "osv", "title": "Missing permission check in Jenkins RabbitMQ Consumer Plugin", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-24448"], "modified": "2023-04-11T01:37:01", "id": "OSV:GHSA-QGJQ-HRHG-F24H", "href": "https://osv.dev/vulnerability/GHSA-qgjq-hrhg-f24h", "cvss": {"score": 0.0, "vector": "NONE"}}], "prion": [{"lastseen": "2023-08-15T13:51:25", "description": "Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24443", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24443"], "modified": "2023-02-02T16:18:00", "id": "PRION:CVE-2023-24443", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24443", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:27", "description": "Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24449", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24449"], "modified": "2023-02-02T15:46:00", "id": "PRION:CVE-2023-24449", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24449", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:24", "description": "Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24440", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24440"], "modified": "2023-02-04T02:07:00", "id": "PRION:CVE-2023-24440", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24440", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:28", "description": "Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24456", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24456"], "modified": "2023-02-02T16:50:00", "id": "PRION:CVE-2023-24456", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24456", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:21", "description": "Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24430", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24430"], "modified": "2023-02-04T01:58:00", "id": "PRION:CVE-2023-24430", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24430", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:27", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24446", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24446"], "modified": "2023-02-02T16:04:00", "id": "PRION:CVE-2023-24446", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24446", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:25", "description": "Jenkins OpenID Plugin 2.4 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24444", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24444"], "modified": "2023-02-02T16:11:00", "id": "PRION:CVE-2023-24444", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24444", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:19", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24423", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24423"], "modified": "2023-02-03T14:07:00", "id": "PRION:CVE-2023-24423", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24423", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-08-15T13:51:23", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24437", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24437"], "modified": "2023-02-02T15:43:00", "id": "PRION:CVE-2023-24437", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24437", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:28", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24457", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24457"], "modified": "2023-02-02T16:49:00", "id": "PRION:CVE-2023-24457", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24457", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-08-15T13:51:19", "description": "Jenkins Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Kubernetes credentials they are not entitled to.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24425", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24425"], "modified": "2023-02-03T14:35:00", "id": "PRION:CVE-2023-24425", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24425", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:27", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24452", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24452"], "modified": "2023-02-02T16:53:00", "id": "PRION:CVE-2023-24452", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24452", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:40", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24447", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24447"], "modified": "2023-02-02T16:03:00", "id": "PRION:CVE-2023-24447", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24447", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:21", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24428", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24428"], "modified": "2023-02-04T02:06:00", "id": "PRION:CVE-2023-24428", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24428", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-08-15T13:51:25", "description": "Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24441", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24441"], "modified": "2023-02-02T16:18:00", "id": "PRION:CVE-2023-24441", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24441", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:20", "description": "Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24429", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24429"], "modified": "2023-02-04T02:06:00", "id": "PRION:CVE-2023-24429", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24429", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:22", "description": "Jenkins Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24426", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24426"], "modified": "2023-02-03T14:37:00", "id": "PRION:CVE-2023-24426", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24426", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:25", "description": "Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24445", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24445"], "modified": "2023-02-02T16:20:00", "id": "PRION:CVE-2023-24445", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24445", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-08-15T13:51:28", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24458", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24458"], "modified": "2023-02-02T16:49:00", "id": "PRION:CVE-2023-24458", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24458", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:24", "description": "A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24438", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24438"], "modified": "2023-02-04T02:06:00", "id": "PRION:CVE-2023-24438", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24438", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:27", "description": "A missing check in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24453", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24453"], "modified": "2023-02-02T16:53:00", "id": "PRION:CVE-2023-24453", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24453", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-08-15T13:51:20", "description": "Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24427", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24427"], "modified": "2023-02-04T02:08:00", "id": "PRION:CVE-2023-24427", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24427", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:24", "description": "A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24436", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24436"], "modified": "2023-02-02T15:03:00", "id": "PRION:CVE-2023-24436", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24436", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:26", "description": "Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24442", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24442"], "modified": "2023-02-02T16:14:00", "id": "PRION:CVE-2023-24442", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24442", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:22", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24432", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24432"], "modified": "2023-02-02T15:45:00", "id": "PRION:CVE-2023-24432", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24432", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:19", "description": "A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24422", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24422"], "modified": "2023-02-04T02:08:00", "id": "PRION:CVE-2023-24422", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24422", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:30", "description": "A missing permission check in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24459", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24459"], "modified": "2023-02-02T16:48:00", "id": "PRION:CVE-2023-24459", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24459", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-08-15T13:51:19", "description": "Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24424", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24424"], "modified": "2023-02-03T14:09:00", "id": "PRION:CVE-2023-24424", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24424", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:24", "description": "A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24435", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24435"], "modified": "2023-02-02T13:57:00", "id": "PRION:CVE-2023-24435", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24435", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:22", "description": "A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24431", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24431"], "modified": "2023-02-02T15:46:00", "id": "PRION:CVE-2023-24431", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24431", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:22", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24434", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24434"], "modified": "2023-02-02T15:30:00", "id": "PRION:CVE-2023-24434", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24434", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T13:51:28", "description": "A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24451", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24451"], "modified": "2023-02-02T17:01:00", "id": "PRION:CVE-2023-24451", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24451", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:22", "description": "Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24433", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24433"], "modified": "2023-02-02T15:45:00", "id": "PRION:CVE-2023-24433", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24433", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:26", "description": "Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24450", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24450"], "modified": "2023-02-02T15:29:00", "id": "PRION:CVE-2023-24450", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24450", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:32", "description": "Jenkins visualexpert Plugin 1.3 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24455", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24455"], "modified": "2023-02-02T16:51:00", "id": "PRION:CVE-2023-24455", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24455", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:28", "description": "Jenkins TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24454", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24454"], "modified": "2023-02-02T16:52:00", "id": "PRION:CVE-2023-24454", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24454", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:24", "description": "Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private keys unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24439", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24439"], "modified": "2023-02-04T02:07:00", "id": "PRION:CVE-2023-24439", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24439", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T13:51:26", "description": "A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "prion", "title": "CVE-2023-24448", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24448"], "modified": "2023-02-02T15:50:00", "id": "PRION:CVE-2023-24448", "href": "https://kb.prio-n.com/vulnerability/CVE-2023-24448", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "github": [{"lastseen": "2023-07-24T02:18:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Cross-site request forgery in Jenkins Gerrit Trigger Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24423"], "modified": "2023-02-03T20:46:16", "id": "GHSA-95JQ-24CR-PGRQ", "href": "https://github.com/advisories/GHSA-95jq-24cr-pgrq", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "XML Entity Expansion in Jenkins TestComplete support Plugin", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24443"], "modified": "2023-02-03T20:37:10", "id": "GHSA-G5MJ-C26G-VMPM", "href": "https://github.com/advisories/GHSA-g5mj-c26g-vmpm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Path traversal vulnerability in Jenkins PWauth Security Realm Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24449"], "modified": "2023-02-03T20:39:19", "id": "GHSA-5XPC-C4XV-7W62", "href": "https://github.com/advisories/GHSA-5xpc-c4xv-7w62", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24424"], "modified": "2023-02-03T20:46:08", "id": "GHSA-VXMH-P52J-H33M", "href": "https://github.com/advisories/GHSA-vxmh-p52j-h33m", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:17", "type": "github", "title": "Cross-site request forgery vulnerability in Jenkins BearyChat Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24458"], "modified": "2023-02-03T20:33:45", "id": "GHSA-5XHH-6XFV-7Q42", "href": "https://github.com/advisories/GHSA-5xhh-6xfv-7q42", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Open redirect vulnerability in Jenkins OpenID Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24445"], "modified": "2023-02-03T20:35:41", "id": "GHSA-MJ62-M63X-MH84", "href": "https://github.com/advisories/GHSA-mj62-m63x-mh84", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Missing permission checks in Jenkins GitHub Pull Request Builder Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24435"], "modified": "2023-02-02T17:13:26", "id": "GHSA-W4V5-54P8-M4J5", "href": "https://github.com/advisories/GHSA-w4v5-54p8-m4j5", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Cross-site request forgery vulnerability in Jenkins OpenID Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24446"], "modified": "2023-02-03T20:39:50", "id": "GHSA-96JV-C7M6-Q43G", "href": "https://github.com/advisories/GHSA-96jv-c7m6-q43g", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Cross-site request forgery vulnerability in Jenkins RabbitMQ Consumer Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24447"], "modified": "2023-02-03T20:39:35", "id": "GHSA-WJ79-9FXJ-J86P", "href": "https://github.com/advisories/GHSA-wj79-9fxj-j86p", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "CSRF vulnerability in Jenkins TestQuality Updater Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24452"], "modified": "2023-02-03T20:35:36", "id": "GHSA-PX2F-CQRF-F2QG", "href": "https://github.com/advisories/GHSA-px2f-cqrf-f2qg", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Cross-site request forgery vulnerability in Jenkins Bitbucket OAuth Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24428"], "modified": "2023-02-06T16:43:40", "id": "GHSA-685J-36QX-3VP2", "href": "https://github.com/advisories/GHSA-685j-36qx-3vp2", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Cleartext Transmission of Sensitive Information in Jenkins JIRA Pipeline Steps Plugin", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24440"], "modified": "2023-02-06T16:40:55", "id": "GHSA-3G2G-RCM6-RRQ2", "href": "https://github.com/advisories/GHSA-3g2g-rcm6-rrq2", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "XML external entity vulnerability on agents in Jenkins MSTest Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24441"], "modified": "2023-06-19T19:54:00", "id": "GHSA-3PPR-72X5-X67Q", "href": "https://github.com/advisories/GHSA-3ppr-72x5-x67q", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Insufficient Session Expiration in Jenkins Azure AD Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24426"], "modified": "2023-02-04T00:30:33", "id": "GHSA-939X-6MWJ-96R2", "href": "https://github.com/advisories/GHSA-939x-6mwj-96r2", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Session fixation vulnerability in Jenkins Bitbucket OAuth Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24427"], "modified": "2023-02-06T16:44:10", "id": "GHSA-X9Q4-QWFH-9GJQ", "href": "https://github.com/advisories/GHSA-x9q4-qwfh-9gjq", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A missing check in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Missing permission check in Jenkins TestQuality Updater Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24453"], "modified": "2023-02-03T20:35:21", "id": "GHSA-XR8H-WJ4V-RX7F", "href": "https://github.com/advisories/GHSA-xr8h-wj4v-rx7f", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Missing permission checks in Jenkins Orka Plugin allow enumerating credentials IDs ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24431"], "modified": "2023-02-03T20:40:23", "id": "GHSA-87RH-WC85-XQVC", "href": "https://github.com/advisories/GHSA-87rh-wc85-xqvc", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Missing permissions check in Jenkins JIRA Pipeline Steps Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24438"], "modified": "2023-02-06T16:41:10", "id": "GHSA-6J27-3XFW-CJ2W", "href": "https://github.com/advisories/GHSA-6j27-3xfw-cj2w", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Cisco Spark Notifier Jenkins Plugin contains Missing Authorization", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24451"], "modified": "2023-02-02T23:17:25", "id": "GHSA-HCVF-PFRM-JXGF", "href": "https://github.com/advisories/GHSA-hcvf-pfrm-jxgf", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Kubernetes credentials they are not entitled to.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Exposure of system-scoped Kubernetes credentials in Jenkins Kubernetes Credentials Provider Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24425"], "modified": "2023-02-03T20:46:01", "id": "GHSA-2JPX-H8J2-G8M4", "href": "https://github.com/advisories/GHSA-2jpx-h8j2-g8m4", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-01-26T21:30:19", "type": "github", "title": "Sandbox bypass in Jenkins Script Security Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24422"], "modified": "2023-02-14T05:06:16", "id": "GHSA-76QJ-9GWH-PVV3", "href": "https://github.com/advisories/GHSA-76qj-9gwh-pvv3", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins OpenID Plugin 2.4 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Session fixation vulnerability in Jenkins OpenID Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24444"], "modified": "2023-01-27T01:02:11", "id": "GHSA-F976-24HC-MJVR", "href": "https://github.com/advisories/GHSA-f976-24hc-mjvr", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A missing permission check in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:17", "type": "github", "title": "Missing permission check in Jenkins BearyChat Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24459"], "modified": "2023-02-03T20:34:13", "id": "GHSA-67W4-W877-JV29", "href": "https://github.com/advisories/GHSA-67w4-w877-jv29", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Plaintext storage of Access Token in Jenkins GitHub Pull Request Coverage Status Plugin", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24442"], "modified": "2023-02-03T20:39:17", "id": "GHSA-4X65-4FJX-R7M6", "href": "https://github.com/advisories/GHSA-4x65-4fjx-r7m6", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24429"], "modified": "2023-02-06T16:42:10", "id": "GHSA-PCC2-W6M8-X5W4", "href": "https://github.com/advisories/GHSA-pcc2-w6m8-x5w4", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "CSRF vulnerability in Jenkins GitHub Pull Request Builder Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24434"], "modified": "2023-01-27T01:18:39", "id": "GHSA-M6Q8-MWF6-6MMC", "href": "https://github.com/advisories/GHSA-m6q8-mwf6-6mmc", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "CSRF vulnerability in Jenkins Orka Plugin allow capturing credentials", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24432"], "modified": "2023-01-27T01:26:59", "id": "GHSA-9JWH-QVG7-GR59", "href": "https://github.com/advisories/GHSA-9jwh-qvg7-gr59", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private keys unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Plaintext Storage of a Password in Jenkins JIRA Pipeline Steps Plugin", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24439"], "modified": "2023-02-06T16:39:46", "id": "GHSA-G29V-5PWH-WXX4", "href": "https://github.com/advisories/GHSA-g29v-5pwh-wxx4", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Cross-site request forgery vulnerability in Jenkins JIRA Pipeline Steps Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24437"], "modified": "2023-01-27T01:27:59", "id": "GHSA-R3GM-JWF4-XGV2", "href": "https://github.com/advisories/GHSA-r3gm-jwf4-xgv2", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "XML external entity reference vulnerability on agents in Jenkins Semantic Versioning Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24430"], "modified": "2023-02-06T16:41:30", "id": "GHSA-H8P8-6378-649P", "href": "https://github.com/advisories/GHSA-h8p8-6378-649p", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Session fixation vulnerability in Jenkins Keycloak Authentication Plugin", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24456"], "modified": "2023-02-11T05:06:01", "id": "GHSA-9963-GMH8-VVM6", "href": "https://github.com/advisories/GHSA-9963-gmh8-vvm6", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Passwords stored in plain text by Jenkins view-cloner Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24450"], "modified": "2023-02-02T17:31:58", "id": "GHSA-6HW7-X86V-WRGF", "href": "https://github.com/advisories/GHSA-6hw7-x86v-wrgf", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:17", "type": "github", "title": "CSRF vulnerability in Jenkins Keycloak Authentication Plugin ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24457"], "modified": "2023-02-03T20:33:55", "id": "GHSA-9WRR-4R9V-26XC", "href": "https://github.com/advisories/GHSA-9wrr-4r9v-26xc", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Missing permission check in Jenkins GitHub Pull Request Builder Plugin allows enumerating credentials IDs", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24436"], "modified": "2023-02-02T17:14:51", "id": "GHSA-CCF4-9HJC-XXC4", "href": "https://github.com/advisories/GHSA-ccf4-9hjc-xxc4", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Missing permission checks in Jenkins Orka Plugin allow capturing credentials", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24433"], "modified": "2023-02-03T20:40:12", "id": "GHSA-GMHF-37FX-C4Q8", "href": "https://github.com/advisories/GHSA-gmhf-37fx-c4q8", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins visualexpert Plugin 1.3 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Path Traversal in Jenkins visualexpert Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24455"], "modified": "2023-02-03T20:34:58", "id": "GHSA-8MMH-H4JH-2G34", "href": "https://github.com/advisories/GHSA-8mmh-h4jh-2g34", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "Jenkins TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Plaintext Storage of a Password in Jenkins TestQuality Updater Plugin", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24454"], "modified": "2023-02-11T05:05:52", "id": "GHSA-98QC-V8VG-MCX4", "href": "https://github.com/advisories/GHSA-98qc-v8vg-mcx4", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T02:18:14", "description": "A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:30:18", "type": "github", "title": "Missing permission check in Jenkins RabbitMQ Consumer Plugin", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24448"], "modified": "2023-02-03T20:39:24", "id": "GHSA-QGJQ-HRHG-F24H", "href": "https://github.com/advisories/GHSA-qgjq-hrhg-f24h", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2023-07-23T23:58:26", "description": "Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24424", "cwe": ["CWE-384"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24424"], "modified": "2023-02-03T14:09:00", "cpe": [], "id": "CVE-2023-24424", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24424", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-07-24T00:00:12", "description": "A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24451", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24451"], "modified": "2023-02-02T17:01:00", "cpe": ["cpe:/a:jenkins:cisco_spark:1.1.1"], "id": "CVE-2023-24451", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24451", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:cisco_spark:1.1.1:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-24T00:09:11", "description": "Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24449", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24449"], "modified": "2023-02-02T15:46:00", "cpe": ["cpe:/a:jenkins:pwauth_security_realm:0.4"], "id": "CVE-2023-24449", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24449", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:pwauth_security_realm:0.4:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:59:38", "description": "Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24445", "cwe": ["CWE-601"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24445"], "modified": "2023-02-02T16:20:00", "cpe": ["cpe:/a:jenkins:openid:2.4"], "id": "CVE-2023-24445", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24445", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:openid:2.4:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-24T00:00:17", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24458", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24458"], "modified": "2023-02-02T16:49:00", "cpe": ["cpe:/a:jenkins:bearychat:3.0.2"], "id": "CVE-2023-24458", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24458", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:bearychat:3.0.2:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:59:38", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24446", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24446"], "modified": "2023-02-02T16:04:00", "cpe": ["cpe:/a:jenkins:openid:2.4"], "id": "CVE-2023-24446", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24446", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:openid:2.4:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:59:38", "description": "Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24442", "cwe": ["CWE-312"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24442"], "modified": "2023-02-02T16:14:00", "cpe": ["cpe:/a:jenkins:github_pull_request_coverage_status:2.2.0"], "id": "CVE-2023-24442", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24442", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:github_pull_request_coverage_status:2.2.0:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:59:38", "description": "Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24443", "cwe": ["CWE-611"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24443"], "modified": "2023-02-02T16:18:00", "cpe": ["cpe:/a:jenkins:testcomplete_support:2.8.1"], "id": "CVE-2023-24443", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24443", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:testcomplete_support:2.8.1:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:59:38", "description": "Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24441", "cwe": ["CWE-611"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24441"], "modified": "2023-02-02T16:18:00", "cpe": ["cpe:/a:jenkins:mstest:1.0.0"], "id": "CVE-2023-24441", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24441", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:mstest:1.0.0:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-24T00:01:34", "description": "Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24440", "cwe": ["CWE-319"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24440"], "modified": "2023-02-04T02:07:00", "cpe": ["cpe:/a:jenkins:jira_pipeline_steps:2.0.165.v8846cf59f3db"], "id": "CVE-2023-24440", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24440", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jira_pipeline_steps:2.0.165.v8846cf59f3db:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-24T00:00:12", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24452", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24452"], "modified": "2023-02-02T16:53:00", "cpe": ["cpe:/a:jenkins:testquality_updater:1.3"], "id": "CVE-2023-24452", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24452", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:testquality_updater:1.3:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:59", "description": "Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24433", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24433"], "modified": "2023-02-02T15:45:00", "cpe": [], "id": "CVE-2023-24433", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24433", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-07-23T23:58:59", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24432", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24432"], "modified": "2023-02-02T15:45:00", "cpe": [], "id": "CVE-2023-24432", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24432", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-07-23T23:58:26", "description": "Jenkins Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Kubernetes credentials they are not entitled to.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24425", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24425"], "modified": "2023-02-03T14:35:00", "cpe": ["cpe:/a:jenkins:kubernetes_credentials_provider:1.208.v128ee9800c04"], "id": "CVE-2023-24425", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24425", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:kubernetes_credentials_provider:1.208.v128ee9800c04:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:26", "description": "Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24429", "cwe": ["CWE-611"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24429"], "modified": "2023-02-04T02:06:00", "cpe": [], "id": "CVE-2023-24429", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24429", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-07-24T00:00:12", "description": "A missing check in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24453", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24453"], "modified": "2023-02-02T16:53:00", "cpe": ["cpe:/a:jenkins:testquality_updater:1.3"], "id": "CVE-2023-24453", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24453", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:testquality_updater:1.3:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:26", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24428", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24428"], "modified": "2023-02-04T02:06:00", "cpe": [], "id": "CVE-2023-24428", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24428", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, "cpe23": []}, {"lastseen": "2023-07-23T23:58:26", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24423", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24423"], "modified": "2023-02-03T14:07:00", "cpe": [], "id": "CVE-2023-24423", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24423", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": []}, {"lastseen": "2023-07-23T23:59:38", "description": "Jenkins OpenID Plugin 2.4 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24444", "cwe": ["CWE-404"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24444"], "modified": "2023-02-02T16:11:00", "cpe": ["cpe:/a:jenkins:openid:2.4"], "id": "CVE-2023-24444", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24444", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:openid:2.4:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:26", "description": "Jenkins Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24426", "cwe": ["CWE-613"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24426"], "modified": "2023-02-03T14:37:00", "cpe": ["cpe:/a:jenkins:azure_ad:303.va_91ef20ee49f"], "id": "CVE-2023-24426", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24426", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:azure_ad:303.va_91ef20ee49f:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-24T00:00:17", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24457", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24457"], "modified": "2023-02-02T16:49:00", "cpe": ["cpe:/a:jenkins:keycloak_authentication:2.3.0"], "id": "CVE-2023-24457", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24457", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:keycloak_authentication:2.3.0:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:59", "description": "A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24438", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24438"], "modified": "2023-02-04T02:06:00", "cpe": ["cpe:/a:jenkins:jira_pipeline_steps:2.0.165.v8846cf59f3db"], "id": "CVE-2023-24438", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24438", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jira_pipeline_steps:2.0.165.v8846cf59f3db:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:59", "description": "A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24431", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24431"], "modified": "2023-02-02T15:46:00", "cpe": [], "id": "CVE-2023-24431", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24431", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-07-24T00:00:17", "description": "Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24456", "cwe": ["CWE-384"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24456"], "modified": "2023-02-02T16:50:00", "cpe": ["cpe:/a:jenkins:keycloak_authentication:2.3.0"], "id": "CVE-2023-24456", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24456", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:keycloak_authentication:2.3.0:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:59", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24437", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24437"], "modified": "2023-02-02T15:43:00", "cpe": ["cpe:/a:jenkins:jira_pipeline_steps:2.0.165.v8846cf59f3db"], "id": "CVE-2023-24437", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24437", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:jira_pipeline_steps:2.0.165.v8846cf59f3db:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-24T00:00:12", "description": "Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24450", "cwe": ["CWE-312"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24450"], "modified": "2023-02-02T15:29:00", "cpe": ["cpe:/a:jenkins:view-cloner:1.1", "cpe:/a:jenkins:view-cloner:1.0"], "id": "CVE-2023-24450", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24450", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:view-cloner:1.1:*:*:*:*:jenkins:*:*", "cpe:2.3:a:jenkins:view-cloner:1.0:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:26", "description": "Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24427", "cwe": ["CWE-384"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24427"], "modified": "2023-02-04T02:08:00", "cpe": ["cpe:/a:jenkins:bitbucket_oauth:0.13"], "id": "CVE-2023-24427", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24427", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:bitbucket_oauth:0.13:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:59", "description": "Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24430", "cwe": ["CWE-611"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24430"], "modified": "2023-02-04T01:58:00", "cpe": [], "id": "CVE-2023-24430", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24430", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-07-23T23:58:59", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24434", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24434"], "modified": "2023-02-02T15:30:00", "cpe": ["cpe:/a:jenkins:github_pull_request_builder:1.42.2"], "id": "CVE-2023-24434", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24434", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:github_pull_request_builder:1.42.2:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:59:38", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24447", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24447"], "modified": "2023-02-02T16:03:00", "cpe": ["cpe:/a:jenkins:rabbitmq_consumer:2.8"], "id": "CVE-2023-24447", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24447", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:rabbitmq_consumer:2.8:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-24T00:00:13", "description": "Jenkins visualexpert Plugin 1.3 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24455", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24455"], "modified": "2023-02-02T16:51:00", "cpe": ["cpe:/a:jenkins:visual_expert:1.3", "cpe:/a:jenkins:visual_expert:1.0"], "id": "CVE-2023-24455", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24455", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:visual_expert:1.3:*:*:*:*:jenkins:*:*", "cpe:2.3:a:jenkins:visual_expert:1.0:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:59", "description": "A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24435", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24435"], "modified": "2023-02-02T13:57:00", "cpe": ["cpe:/a:jenkins:github_pull_request_builder:1.42.2"], "id": "CVE-2023-24435", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24435", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:github_pull_request_builder:1.42.2:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:59", "description": "A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24436", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24436"], "modified": "2023-02-02T15:03:00", "cpe": ["cpe:/a:jenkins:github_pull_request_builder:1.42.2"], "id": "CVE-2023-24436", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24436", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:github_pull_request_builder:1.42.2:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-24T00:00:12", "description": "Jenkins TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24454", "cwe": ["CWE-312"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24454"], "modified": "2023-02-02T16:52:00", "cpe": ["cpe:/a:jenkins:testquality_updater:1.3"], "id": "CVE-2023-24454", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24454", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:testquality_updater:1.3:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:58:26", "description": "A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24422", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24422"], "modified": "2023-02-04T02:08:00", "cpe": [], "id": "CVE-2023-24422", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24422", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-07-24T00:00:22", "description": "A missing permission check in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24459", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24459"], "modified": "2023-02-02T16:48:00", "cpe": ["cpe:/a:jenkins:bearychat:3.0.2"], "id": "CVE-2023-24459", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24459", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:bearychat:3.0.2:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:59:00", "description": "Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private keys unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24439", "cwe": ["CWE-312"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24439"], "modified": "2023-02-04T02:07:00", "cpe": ["cpe:/a:jenkins:jira_pipeline_steps:2.0.165.v8846cf59f3db"], "id": "CVE-2023-24439", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24439", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jira_pipeline_steps:2.0.165.v8846cf59f3db:*:*:*:*:jenkins:*:*"]}, {"lastseen": "2023-07-23T23:59:38", "description": "A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "cve", "title": "CVE-2023-24448", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24448"], "modified": "2023-02-02T15:50:00", "cpe": ["cpe:/a:jenkins:rabbitmq_consumer:2.8"], "id": "CVE-2023-24448", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24448", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:rabbitmq_consumer:2.8:*:*:*:*:jenkins:*:*"]}], "alpinelinux": [{"lastseen": "2023-09-24T20:02:08", "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "alpinelinux", "title": "CVE-2023-24458", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24458"], "modified": "2023-02-02T16:49:00", "id": "ALPINE:CVE-2023-24458", "href": "https://security.alpinelinux.org/vuln/CVE-2023-24458", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-24T20:02:08", "description": "Jenkins Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the previous session on login.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-26T21:18:00", "type": "alpinelinux", "title": "CVE-2023-24426", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24426"], "modified": "2023-02-03T14:37:00", "id": "ALPINE:CVE-2023-24426", "href": "https://security.alpinelinux.org/vuln/CVE-2023-24426", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-24T20:02:08", "description": "A missing permission check in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-26T21:18:00", "type": "alpinelinux", "title": "CVE-2023-24459", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24459"], "modified": "2023-02-02T16:48:00", "id": "ALPINE:CVE-2023-24459", "href": "https://security.alpinelinux.org/vuln/CVE-2023-24459", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-09-24T20:02:08", "description": "A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-01-26T21:18:00", "type": "alpinelinux", "title": "CVE-2023-24422", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24422"], "modified": "2023-02-04T02:08:00", "id": "ALPINE:CVE-2023-24422", "href": "https://security.alpinelinux.org/vuln/CVE-2023-24422", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2023-08-31T18:35:42", "description": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-01-25T04:05:54", "type": "redhatcve", "title": "CVE-2023-24422", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24422"], "modified": "2023-08-31T16:25:11", "id": "RH:CVE-2023-24422", "href": "https://access.redhat.com/security/cve/cve-2023-24422", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2023-07-24T08:25:06", "description": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\n* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)\n\n* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-05-17T16:15:17", "type": "redhat", "title": "(RHSA-2023:3195) Important: jenkins and jenkins-2-plugins security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42889", "CVE-2023-24422", "CVE-2023-25761", "CVE-2023-25762", "CVE-2023-27903", "CVE-2023-27904"], "modified": "2023-05-17T16:16:05", "id": "RHSA-2023:3195", "href": "https://access.redhat.com/errata/RHSA-2023:3195", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-18T08:33:56", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:1656\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* spring-security-oauth2-client: Privilege Escalation in spring-security-oauth2-client (CVE-2022-31690)\n\n* spring-security: Authorization rules can be bypassed via forward or include dispatcher types in Spring Security (CVE-2022-31692)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* Jenkins: XSS vulnerability in plugin manager (CVE-2023-27898)\n\n* Jenkins: Temporary plugin file created with insecure permissions (CVE-2023-27899)\n\n* kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF) (CVE-2022-3172)\n\n* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)\n\n* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-04-12T11:51:14", "type": "redhat", "title": "(RHSA-2023:1655) Critical: OpenShift Container Platform 4.10.56 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-31690", "CVE-2022-31692", "CVE-2022-3172", "CVE-2022-42889", "CVE-2023-24422", "CVE-2023-25725", "CVE-2023-27898", "CVE-2023-27899", "CVE-2023-27903", "CVE-2023-27904"], "modified": "2023-04-20T05:03:19", "id": "RHSA-2023:1655", "href": "https://access.redhat.com/errata/RHSA-2023:1655", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-18T06:33:53", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:1655\n\nSpace precludes documenting all the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nSecurity Fix(es):\n\n* mongo-go-driver: specific cstrings input may not be properly validated (CVE-2021-20329)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.10 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-04-12T11:40:20", "type": "redhat", "title": "(RHSA-2023:1656) Moderate: OpenShift Container Platform 4.10.56 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20329", "CVE-2022-31690", "CVE-2022-31692", "CVE-2022-3172", "CVE-2022-42889", "CVE-2023-0266", "CVE-2023-0286", "CVE-2023-0461", "CVE-2023-24422", "CVE-2023-27898", "CVE-2023-27899", "CVE-2023-27903", "CVE-2023-27904"], "modified": "2023-04-12T11:40:54", "id": "RHSA-2023:1656", "href": "https://access.redhat.com/errata/RHSA-2023:1656", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-12T01:05:55", "description": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)\n\n* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* jenkins-2-plugin: workflow-job: Stored XSS vulnerability in Pipeline: Job Plugin (CVE-2023-32977)\n\n* jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode (CVE-2021-46877)\n\n* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)\n\n* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)\n\n* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)\n\n* jenkins-2-plugin: pipeline-utility-steps: Arbitrary file write vulnerability on agents in Pipeline Utility Steps Plugin (CVE-2023-32981)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-06-15T00:10:54", "type": "redhat", "title": "(RHSA-2023:3610) Important: jenkins and jenkins-2-plugins security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-46877", "CVE-2022-29599", "CVE-2022-30953", "CVE-2022-30954", "CVE-2022-40149", "CVE-2022-40150", "CVE-2022-41723", "CVE-2022-45693", "CVE-2023-1370", "CVE-2023-20860", "CVE-2023-20861", "CVE-2023-24422", "CVE-2023-32977", "CVE-2023-32981"], "modified": "2023-06-16T09:41:46", "id": "RHSA-2023:3610", "href": "https://access.redhat.com/errata/RHSA-2023:3610", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-17T08:28:55", "description": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode (CVE-2021-46877)\n\n* springframework: Authorization Bypass in RegexRequestMatcher (CVE-2022-22978)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\n* Jenkins: Denial of Service attack (CVE-2023-27900)\n\n* Jenkins: Denial of Service attack (CVE-2023-27901)\n\n* Jenkins: Workspace temporary directories accessible through directory browser (CVE-2023-27902)\n\n* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-05-24T17:06:51", "type": "redhat", "title": "(RHSA-2023:3299) Important: jenkins and jenkins-2-plugins security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7692", "CVE-2021-4178", "CVE-2021-46877", "CVE-2022-22978", "CVE-2022-25647", "CVE-2022-40151", "CVE-2022-40152", "CVE-2022-42889", "CVE-2023-24422", "CVE-2023-24998", "CVE-2023-25761", "CVE-2023-25762", "CVE-2023-27900", "CVE-2023-27901", "CVE-2023-27902", "CVE-2023-27904"], "modified": "2023-05-26T15:45:31", "id": "RHSA-2023:3299", "href": "https://access.redhat.com/errata/RHSA-2023:3299", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-24T08:47:25", "description": "Multicluster Engine for Kubernetes 2.2.4 images\n\nMulticluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters or to bring existing Kubernetes-based clusters under management by\nimporting them. After the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.\n\nSecurity fix(es):\n* CVE-2023-32314 vm2: Sandbox Escape\n* CVE-2023-32313 vm2: Inspect Manipulation", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-05-24T14:14:01", "type": "redhat", "title": "(RHSA-2023:3296) Critical: Multicluster Engine for Kubernetes 2.2.4 security fixes and container updates", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2795", "CVE-2022-2928", "CVE-2022-2929", "CVE-2022-31690", "CVE-2022-31692", "CVE-2022-3172", "CVE-2022-36227", "CVE-2022-41973", "CVE-2022-42889", "CVE-2023-0361", "CVE-2023-24422", "CVE-2023-2491", "CVE-2023-25725", "CVE-2023-27535", "CVE-2023-27898", "CVE-2023-27899", "CVE-2023-27903", "CVE-2023-27904", "CVE-2023-32313", "CVE-2023-32314"], "modified": "2023-05-24T14:14:34", "id": "RHSA-2023:3296", "href": "https://access.redhat.com/errata/RHSA-2023:3296", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-27T00:48:28", "description": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)\n\n* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)\n\n* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)\n\n* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)\n\n* maven: Block repositories using http by default (CVE-2021-26291)\n\n* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)\n\n* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)\n\n* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)\n\n* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)\n\n* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\n* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)\n\n* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-05-17T17:46:13", "type": "redhat", "title": "(RHSA-2023:3198) Critical: jenkins and jenkins-2-plugins security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26291", "CVE-2022-1471", "CVE-2022-25857", "CVE-2022-29599", "CVE-2022-30953", "CVE-2022-30954", "CVE-2022-42889", "CVE-2022-43401", "CVE-2022-43402", "CVE-2022-43403", "CVE-2022-43404", "CVE-2022-43405", "CVE-2022-43406", "CVE-2022-43407", "CVE-2022-43408", "CVE-2022-43409", "CVE-2022-45047", "CVE-2023-24422", "CVE-2023-25761", "CVE-2023-25762", "CVE-2023-27903", "CVE-2023-27904"], "modified": "2023-05-17T17:47:00", "id": "RHSA-2023:3198", "href": "https://access.redhat.com/errata/RHSA-2023:3198", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}