67 matches found
CVE-2019-1003035
CVE-2019-1003035 concerns the Jenkins Azure VM Agents Plugin (versions 0.8.0 and earlier). The vulnerability is an information exposure where attackers with Overall/Read permission can trigger the verify configuration form validation action to obtain limited details about the Azure configuration....
CVE-2019-1003036
The vulnerability CVE-2019-1003036 affects Jenkins with the Azure VM Agents Plugin ≤ 0.8.0, where a flaw in AzureVMAgent.java allows attackers holding Overall/Read permission to attach a public IP to an Azure VM agent. Root cause: missing permission check in the plugin code. Impact is described a...
CVE-2019-1003037
Jenkins Azure VM Agents Plugin
CVE-2019-1003035
An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgentTemplate.java, src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java that allows attackers with Overall/Read permission to perform the...
CVE-2019-1003037
An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java that allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
PT-2019-11330 · Jenkins · Jenkins Azure Vm Agents Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Azure VM Agents Plugin versions 0.8.0 and earlier Description: An information exposure issue exists that allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. This is due to a...
PT-2019-11329 · Jenkins · Jenkins Azure Vm Agents Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Azure VM Agents Plugin versions 0.8.0 and earlier Description: A data modification issue exists that allows attackers with Overall/Read permission to attach a public IP address to an Azure VM agent. This is related to the...