Lucene search
K

62 matches found

Cvelist
Cvelist
added 2023/03/23 11:26 a.m.32 views

CVE-2023-28673

A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

5.1AI score0.00409EPSS
Exploits0References1
CVE
CVE
added 2023/03/23 11:26 a.m.240 views

CVE-2023-28673

CVE-2023-28673: A missing permission check in Jenkins OctoPerf Load Testing Plugin (versions

4.3CVSS4.3AI score0.00409EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/23 11:26 a.m.244 views

CVE-2023-28674

CVE-2023-28674 corresponds to a CSRF vulnerability in the Jenkins OctoPerf Load Testing Plugin (versions 4.5.2 and earlier). The issue arises from missing permission checks across several HTTP endpoints, allowing an attacker with Overall/Read permission to connect to a configured Octoperf server ...

8.8CVSS8.5AI score0.00362EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2023/03/23 11:26 a.m.19 views

CVE-2023-28674

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

8.8CVSS8.4AI score0.00362EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2023/03/23 11:26 a.m.24 views

CVE-2023-28673

A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS5.4AI score0.00409EPSS
Exploits0References1
CVE
CVE
added 2023/03/23 11:26 a.m.249 views

CVE-2023-28672

CVE-2023-28672 affects Jenkins OctoPerf Load Testing Plugin (versions 4.5.1 and earlier). The root cause is a missing permission check in the connection test HTTP endpoint, enabling attackers with Overall/Read to reach an attacker‑specified URL using attacker‑specified credentials IDs sourced thr...

6.5CVSS6.2AI score0.00509EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/23 11:26 a.m.12 views

CVE-2023-28672

Jenkins OctoPerf Load Testing Plugin Plugin 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...

6.4AI score0.00509EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/23 11:26 a.m.26 views

CVE-2023-28672

Jenkins OctoPerf Load Testing Plugin Plugin 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...

6.8AI score0.00509EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2023/03/23 11:26 a.m.21 views

CVE-2023-28672

Jenkins OctoPerf Load Testing Plugin Plugin 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...

6.5CVSS6.7AI score0.00509EPSS
Exploits0References1
CVE
CVE
added 2023/03/23 11:26 a.m.245 views

CVE-2023-28671

The CVE-2023-28671 vulnerability affects Jenkins OctoPerf Load Testing Plugin, versions 4.5.0 and earlier. It is a CSRF flaw that lets an attacker connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, potentially capturing credentials store...

4.3CVSS4.5AI score0.00361EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/23 11:26 a.m.6 views

CVE-2023-28671

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4.6AI score0.00361EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/23 11:26 a.m.27 views

CVE-2023-28671

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.3AI score0.00361EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2023/03/23 11:26 a.m.18 views

CVE-2023-28671

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4.3CVSS5.6AI score0.00361EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/23 12:0 a.m.2 views

PT-2023-21894 · Jenkins · Jenkins Octoperf Load Testing Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins OctoPerf Load Testing Plugin Plugin versions 4.5.2 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. This can...

4.3CVSS4.4AI score0.00409EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/03/23 12:0 a.m.3 views

PT-2023-21895 · Jenkins · Jenkins Octoperf Load Testing Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins OctoPerf Load Testing Plugin Plugin versions 4.5.2 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials. T...

8.8CVSS8.5AI score0.00362EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.6 views

Jenkins Plugins OctoPerf Load Testing 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

4.3CVSS5.1AI score0.00409EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.4 views

Jenkins Plugins OctoPerf Load Testing 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

8.8CVSS7.7AI score0.00362EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/23 12:0 a.m.3 views

PT-2023-21896 · Jenkins · Jenkins Octoperf Load Testing Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins OctoPerf Load Testing Plugin versions 4.5.2 and earlier Description: A missing permission check in the Jenkins OctoPerf Load Testing Plugin allows attackers to connect to a previously configured Octoperf server using attacker-specifie...

4.3CVSS4.5AI score0.00425EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.4 views

Jenkins Plugins OctoPerf Load Testing 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

4.3CVSS5.1AI score0.00425EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.4 views

Jenkins Plugins OctoPerf Load Testing 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

4.3CVSS4.9AI score0.00361EPSS
Exploits0References3
Rows per page
Query Builder