Lucene search

PRIOn knowledge basePRION:CVE-2023-37950

HistoryJul 12, 2023 - 4:15 p.m.

Information disclosure

2023-07-1216:15:00

PRIOn knowledge base

www.prio-n.com

information disclosure

jenkins

mabl plugin

permission check

attackers

credentials. nvd

4.4 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.1%

JSON

A missing permission check in Jenkins mabl Plugin 0.0.46 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

CPENameOperatorVersion
mabllt0.0.47

CPE	Name	Operator	Version
	mabl	lt	0.0.47

References

www.openwall.com/lists/oss-security/2023/07/12/2

www.jenkins.io/security/advisory/2023-07-12/