62 matches found
CVE-2023-28673
A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2023-28673
CVE-2023-28673: A missing permission check in Jenkins OctoPerf Load Testing Plugin (versions
CVE-2023-28674
CVE-2023-28674 corresponds to a CSRF vulnerability in the Jenkins OctoPerf Load Testing Plugin (versions 4.5.2 and earlier). The issue arises from missing permission checks across several HTTP endpoints, allowing an attacker with Overall/Read permission to connect to a configured Octoperf server ...
CVE-2023-28674
A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...
CVE-2023-28673
A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2023-28672
CVE-2023-28672 affects Jenkins OctoPerf Load Testing Plugin (versions 4.5.1 and earlier). The root cause is a missing permission check in the connection test HTTP endpoint, enabling attackers with Overall/Read to reach an attacker‑specified URL using attacker‑specified credentials IDs sourced thr...
CVE-2023-28672
Jenkins OctoPerf Load Testing Plugin Plugin 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...
CVE-2023-28672
Jenkins OctoPerf Load Testing Plugin Plugin 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...
CVE-2023-28672
Jenkins OctoPerf Load Testing Plugin Plugin 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...
CVE-2023-28671
The CVE-2023-28671 vulnerability affects Jenkins OctoPerf Load Testing Plugin, versions 4.5.0 and earlier. It is a CSRF flaw that lets an attacker connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, potentially capturing credentials store...
CVE-2023-28671
A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2023-28671
A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2023-28671
A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
PT-2023-21894 · Jenkins · Jenkins Octoperf Load Testing Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins OctoPerf Load Testing Plugin Plugin versions 4.5.2 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. This can...
PT-2023-21895 · Jenkins · Jenkins Octoperf Load Testing Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins OctoPerf Load Testing Plugin Plugin versions 4.5.2 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials. T...
Jenkins Plugins OctoPerf Load Testing 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
Jenkins Plugins OctoPerf Load Testing 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2023-21896 · Jenkins · Jenkins Octoperf Load Testing Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins OctoPerf Load Testing Plugin versions 4.5.2 and earlier Description: A missing permission check in the Jenkins OctoPerf Load Testing Plugin allows attackers to connect to a previously configured Octoperf server using attacker-specifie...
Jenkins Plugins OctoPerf Load Testing 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
Jenkins Plugins OctoPerf Load Testing 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...