Lucene search
GoogleOSV:CVE-2023-43500HistorySep 20, 2023 - 5:15 p.m.
CVE-2023-43500
2023-09-2017:15:12
Google
osv.dev
12
jenkins
csrf
vulnerability
unauthorized
connection
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7
Confidence
High
EPSS
0.001
Percentile
30.3%
A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password.
Related
nvd
nvd
CVE-2023-43500
2023-09-20 17:15:12
cve
cve
CVE-2023-43500
2023-09-20 17:15:12
vulnrichment
vulnrichment
CVE-2023-43500
2023-09-20 16:06:12
github
github
prion
prion
Cross site request forgery (csrf)
2023-09-20 17:15:00
osv
osv
cvelist
cvelist
CVE-2023-43500
2023-09-20 16:06:12
nessus
nessus
Jenkins Plugins Multiple Vulnerabilities (2023-09-20)
2023-09-25 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7
Confidence
High
EPSS
0.001
Percentile
30.3%
Related for OSV:CVE-2023-43500