Lucene search
PRIOn knowledge basePRION:CVE-2023-46655HistoryOct 25, 2023 - 6:17 p.m.
Design/Logic Flaw
2023-10-2518:17:00
PRIOn knowledge base
www.prio-n.com
6
design/logic flaw
jenkins cloudbees cd
plugin
vulnerability
artifact publishing
attackers
file system
cloudbees cd server
nvd
0.0005 Low
EPSS
Percentile
18.3%
Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the directory from which artifacts are published during the ‘CloudBees CD - Publish Artifact’ post-build step, allowing attackers able to configure jobs to publish arbitrary files from the Jenkins controller file system to the previously configured CloudBees CD server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cloudbees_cd | le | 1.1.32 |
Related
cve
cve
CVE-2023-46655
2023-10-25 18:17:40
cvelist
cvelist
CVE-2023-46655
2023-10-25 13:45:56
osv
osv
CVE-2023-46655
2023-10-25 18:17:40
Jenkins CloudBees CD Plugin vulnerable to arbitrary file read
2023-10-25 18:32:25
github
github
Jenkins CloudBees CD Plugin vulnerable to arbitrary file read
2023-10-25 18:32:25
nvd
nvd
CVE-2023-46655
2023-10-25 18:17:40
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2023-10-25)
2023-10-25 00:00:00