4 matches found
CVE-2023-6147
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs...
CVE-2023-6147 Possible XXE vulnerability in Jenkins Plugin for Qualys Policy Compliance
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs...
CVE-2023-6147
The Connected documents corroborate CVE-2023-6147 affecting the Qualys Jenkins Plugin for Policy Compliance (versions up to 1.0.5). The root cause is a missing permission check during a connectivity test to Qualys Cloud Services, which allowed any user with login and job-configuration access to p...
CVE-2023-6147 Possible XXE vulnerability in Jenkins Plugin for Qualys Policy Compliance
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs...