Lucene search
K

4966 matches found

Positive Technologies
Positive Technologies
added 2025/03/11 12:0 a.m.7 views

PT-2025-10746 · Unknown · Sipass Integrated Acc-Ap +1

Name of the Vulnerable Software and Affected Versions: SiPass integrated AC5102 ACC-G2 versions prior to V6.4.9 SiPass integrated ACC-AP versions prior to V6.4.9 Description: A vulnerability has been identified where affected devices improperly sanitize input for the "pubkey" endpoint of the REST...

9.4CVSS7AI score0.00466EPSS
Exploits0References15
OSV
OSV
added 2025/03/07 8:56 p.m.9 views

BIT-JENKINS-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

4.3CVSS6.5AI score0.00684EPSS
Exploits0References2
OSV
OSV
added 2025/03/07 8:55 p.m.8 views

BIT-JENKINS-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

4.3CVSS6.5AI score0.00298EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/06 5:48 a.m.8 views

CVE-2025-27623

A flaw was found in Jenkins. Affected versions of Jenkins do not redact encrypted values of secrets when accessing the config.xml of views via REST API or CLI. This flaw allows attackers with view/read permission to view encrypted values of secrets...

4.3CVSS6.7AI score0.00298EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/03/06 12:31 a.m.14 views

Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI. This allows attackers with View/Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted values of...

4.3CVSS6.7AI score0.00298EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/03/06 12:31 a.m.14 views

Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI. This allows attackers with Agent/Extended Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted...

4.3CVSS6.7AI score0.00684EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/03/06 12:31 a.m.4 views

GHSA-P34J-R3CH-C985 Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI. This allows attackers with Agent/Extended Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted...

4.3CVSS6.9AI score0.00684EPSS
Exploits0References4
Snyk
Snyk
added 2025/03/05 11:41 p.m.4 views

Cleartext Storage of Sensitive Information

Overview org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information due to improper redaction of encrypted values in config.xml when accessed via REST API or CLI. An attacker with View/Read...

7.1CVSS6.8AI score0.00298EPSS
Exploits0References2
NVD
NVD
added 2025/03/05 11:15 p.m.13 views

CVE-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

4.3CVSS0.00298EPSS
Exploits0References1
OSV
OSV
added 2025/03/05 11:15 p.m.4 views

CVE-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

4.3CVSS6.9AI score
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/03/05 11:15 p.m.7 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

4.3CVSS7.1AI score0.00684EPSS
Exploits0References1
NVD
NVD
added 2025/03/05 11:15 p.m.15 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

4.3CVSS0.00684EPSS
Exploits0References1
OSV
OSV
added 2025/03/05 11:15 p.m.4 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

4.3CVSS6.9AI score
Exploits0References1
Cvelist
Cvelist
added 2025/03/05 10:33 p.m.12 views

CVE-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

0.00298EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/05 10:33 p.m.8 views

CVE-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

7AI score0.00298EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/05 10:33 p.m.15 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

0.00684EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/05 10:33 p.m.7 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

7AI score0.00684EPSS
Exploits0References1
CVE
CVE
added 2025/03/05 10:33 p.m.185 views

CVE-2025-27622

CVE-2025-27622 affects Jenkins 2.499 and earlier, and LTS 2.492.1 and earlier, where encrypted values of secrets stored in agent configuration (config.xml) are not redacted when accessed via REST API or CLI. An attacker with Agent/Extended Read permission can view these encrypted secret values. T...

4.3CVSS7AI score0.00684EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/05 12:0 a.m.6 views

PT-2025-9860 · Jenkins +1 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.499 and earlier, LTS versions 2.492.1 and earlier Description: The issue allows attackers with View/Read permission to view encrypted values of secrets when accessing config.xml of views via REST API or CLI. This occurs...

4.3CVSS4.7AI score0.00298EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2025/03/05 12:0 a.m.4 views

PT-2025-9859 · Jenkins +1 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.499 and earlier Jenkins LTS versions 2.492.1 and earlier Description: The issue allows attackers with Agent/Extended Read permission to view encrypted values of secrets when accessing config.xml of agents via REST API or CL...

4.3CVSS4.7AI score0.00684EPSS
Exploits0References22
Rows per page
Query Builder