Lucene search
K

67 matches found

Vulnrichment
Vulnrichment
added 2023/05/16 4:0 p.m.12 views

CVE-2023-32988

A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a43 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

6.3AI score0.00503EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/16 12:0 a.m.7 views

PT-2023-24120 · Jenkins · Jenkins Azure Vm Agents Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Azure VM Agents Plugin versions 852.v8d35f0960a 43 and earlier Description: A missing permission check in the Jenkins Azure VM Agents Plugin allows attackers with Overall/Read permission to enumerate credentials IDs of credentials...

4.3CVSS4.5AI score0.00503EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/06/16 12:0 a.m.68 views

Jenkins plugins Multiple Vulnerabilities (2022-05-17)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Pipeline: Groovy Plugin 2689.v434009a31bf1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenki...

8.8CVSS7.2AI score0.71335EPSS
Exploits0References29
ATTACKERKB
ATTACKERKB
added 2022/05/17 3:15 p.m.0 views

CVE-2022-30951

Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library does not implement access control, potentially allowing users to start processes even if they're not allowed to log in...

8.8CVSS7.4AI score0.00807EPSS
Exploits0References3
NVD
NVD
added 2022/05/17 3:15 p.m.36 views

CVE-2022-30950

Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands on the Windows agent machine...

8.8CVSS0.0168EPSS
Exploits0References2
NVD
NVD
added 2022/05/17 3:15 p.m.24 views

CVE-2022-30951

Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library does not implement access control, potentially allowing users to start processes even if they're not allowed to log in...

8.8CVSS0.00807EPSS
Exploits0References2
Prion
Prion
added 2022/05/17 3:15 p.m.13 views

Design/Logic Flaw

Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library does not implement access control, potentially allowing users to start processes even if they're not allowed to log in...

6.5CVSS8.7AI score0.00807EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/05/17 2:6 p.m.140 views

CVE-2022-30951

CVE-2022-30951 affects Jenkins WMI Windows Agents Plugin 1.8 and earlier. The Windows Remote Command library it includes does not implement access control, potentially allowing a user who cannot log in to start processes on the agent via a named pipe. The issue is explicitly described as an acces...

8.8CVSS8.7AI score0.00807EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.3 views

PT-2022-20406 · Jenkins · Jenkins Wmi Windows Agents Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins WMI Windows Agents Plugin versions 1.8 and earlier Description: The Jenkins WMI Windows Agents Plugin includes the Windows Remote Command library, which does not implement access control. This potentially allows users to start process...

8.8CVSS9.2AI score0.00807EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2022/05/13 1:15 a.m.22 views

Missing permission check in Azure VM Agents Plugin allowed modifying VM configuration

A data modification vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgent.java that allows attackers with Overall/Read permission to attach a public IP address to an Azure VM agent...

4.3CVSS6.7AI score0.00914EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/03/18 2:15 p.m.15 views

CVE-2021-21627

A cross-site request forgery CSRF vulnerability in Jenkins Libvirt Agents Plugin 1.9.0 and earlier allows attackers to stop hypervisor domains...

8.8CVSS6.7AI score
Exploits0References2
Prion
Prion
added 2021/03/18 2:15 p.m.17 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Libvirt Agents Plugin 1.9.0 and earlier allows attackers to stop hypervisor domains...

6.8CVSS8.7AI score0.00818EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/03/18 1:35 p.m.77 views

CVE-2021-21627

CVE-2021-21627 is a CSRF vulnerability in Jenkins Libvirt Agents Plugin (versions

8.8CVSS8.6AI score0.00818EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/03/18 1:35 p.m.19 views

CVE-2021-21627

A cross-site request forgery CSRF vulnerability in Jenkins Libvirt Agents Plugin 1.9.0 and earlier allows attackers to stop hypervisor domains...

8.9AI score0.00818EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/03/18 12:0 a.m.3 views

PT-2021-14670 · Jenkins · Jenkins Libvirt Agents Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Libvirt Agents Plugin versions 1.9.0 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to stop hypervisor domains. This issue arises because the plugin does not require POST requests for a form...

8.8CVSS8.7AI score0.00818EPSS
Exploits0References8
Prion
Prion
added 2019/03/08 9:29 p.m.21 views

Information disclosure

An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java that allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4CVSS6.2AI score0.01277EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/03/08 9:29 p.m.15 views

CVE-2019-1003035

An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgentTemplate.java, src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java that allows attackers with Overall/Read permission to perform the...

4.3CVSS4.3AI score0.00998EPSS
Exploits0References2
NVD
NVD
added 2019/03/08 9:29 p.m.13 views

CVE-2019-1003037

An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java that allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

6.5CVSS6.2AI score0.01277EPSS
Exploits0References2
NVD
NVD
added 2019/03/08 9:29 p.m.20 views

CVE-2019-1003036

A data modification vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgent.java that allows attackers with Overall/Read permission to attach a public IP address to an Azure VM agent...

4.3CVSS4.4AI score0.00914EPSS
Exploits0References2
OSV
OSV
added 2019/03/08 9:29 p.m.24 views

CVE-2019-1003035

An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgentTemplate.java, src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java that allows attackers with Overall/Read permission to perform the...

4.3CVSS6.2AI score
Exploits0References2
Rows per page
Query Builder