Jenkins Oracle Cloud Infrastructure Compute Classic Plugin cross-site request forgery vulnerability

Jenkins Oracle Cloud Infrastructure Compute Classic Plugin does not perform permission checks on a method implementing form validation. This allows users with Overall/Read access to Jenkins to initiate a connection test to an attacker-specified server with attacker-specified username and password...

Unspecified Vulnerability in CloudBees Jenkins Oracle Cloud Infrastructure Compute Classic Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed execution of the task.Oracle Cloud Infrastructure...

CloudBees Jenkins Oracle Cloud Infrastructure Compute Classic plugin cross-site request forgery vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed execution of the task.Oracle Cloud Infrastructure...

CVE-2019-10456

A cross-site request forgery vulnerability in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

CVE-2019-10457

A missing permission check in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

Design/Logic Flaw

A missing permission check in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

CVE-2019-10456

A cross-site request forgery vulnerability in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

CVE-2019-10457

CVE-2019-10457 : The Jenkins Oracle Cloud Infrastructure Compute Classic Plugin has a missing permission check that allows attackers with Overall/Read to trigger connections to an attacker-specified URL using attacker-specified credentials. Affected component: Jenkins plugin for Oracle Cloud Infr...

CVE-2019-10456

CVE-2019-10456 is a CSRF vulnerability in the Jenkins Oracle Cloud Infrastructure Compute Classic Plugin. The issue arises because a method implementing form validation lacks proper permission checks, allowing users with Overall/Read access to initiate a connection test to an attacker‑specified U...

PT-2019-11850 · Jenkins · Jenkins Oracle Cloud Infrastructure Compute Classic Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Oracle Cloud Infrastructure Compute Classic Plugin affected versions not specified Description: A cross-site request forgery issue exists, allowing attackers to connect to a specified URL using specified credentials. The plugin does n...