Lucene search
K

100 matches found

OSV
OSV
added 2022/05/13 1:15 a.m.19 views

GHSA-MMQX-G78C-HVFJ Jenkins AppDynamics Dashboard Plugin has insufficiently protected credentials

Jenkins AppDynamics Dashboard Plugin stored username and password in its configuration unencrypted in jobs' config.xml files on the Jenkins controller. This password could be viewed by users with Extended Read permission, or access to the Jenkins controller file system. While masked from view usi...

4.3CVSS8.7AI score0.01399EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/13 1:15 a.m.17 views

Jenkins AppDynamics Dashboard Plugin has insufficiently protected credentials

Jenkins AppDynamics Dashboard Plugin stored username and password in its configuration unencrypted in jobs' config.xml files on the Jenkins controller. This password could be viewed by users with Extended Read permission, or access to the Jenkins controller file system. While masked from view usi...

8.8CVSS6.6AI score0.01399EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/08/18 8:15 p.m.2 views

CVE-2021-34745

A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a...

7.8CVSS7.3AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 2021/08/18 8:15 p.m.16 views

CVE-2021-34745

A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a...

7.8CVSS0.0023EPSS
Exploits0References1
Prion
Prion
added 2021/08/18 8:15 p.m.23 views

Code injection

A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a...

7.2CVSS7.8AI score0.0023EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/18 7:50 p.m.20 views

CVE-2021-34745 AppDynamics .NET Agent Privilege Escalation Vulnerability

A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a...

7.8CVSS8.1AI score0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/08/18 7:50 p.m.14 views

CVE-2021-34745 AppDynamics .NET Agent Privilege Escalation Vulnerability

A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a...

7.8CVSS7.7AI score0.0023EPSS
Exploits0References1
CVE
CVE
added 2021/08/18 7:50 p.m.56 views

CVE-2021-34745

Summary: CVE-2021-34745 affects the AppDynamics .NET Agent for Windows. The vulnerability arises because the .NET Agent Coordinator Service can execute code with SYSTEM privileges, allowing an authenticated local user to launch a custom process that runs with SYSTEM rights and potentially execute...

7.8CVSS7.9AI score0.0023EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/08/18 12:0 a.m.5 views

AppDynamics.NET Agent for Windows 安全漏洞

AppDynamics.NET Agent for Windows is intended to be used if you want to monitor IIS applications, Windows services, or standalone applications. A security vulnerability exists in AppDynamics.NET Agent for Windows versions prior to 21.7, which originates from the .NET Agent Coordinator service...

7.8CVSS7.9AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 2019/03/08 9:29 p.m.13 views

CVE-2019-1003039

An insufficiently protected credentials vulnerability exists in JenkinsAppDynamics Dashboard Plugin 1.0.14 and earlier in src/main/java/nl/codecentric/jenkins/appd/AppDynamicsResultsPublisher.java that allows attackers without permission to obtain passwords configured in jobs to obtain them...

8.8CVSS8.5AI score0.01399EPSS
Exploits0References2
OSV
OSV
added 2019/03/08 9:29 p.m.11 views

CVE-2019-1003039

An insufficiently protected credentials vulnerability exists in JenkinsAppDynamics Dashboard Plugin 1.0.14 and earlier in src/main/java/nl/codecentric/jenkins/appd/AppDynamicsResultsPublisher.java that allows attackers without permission to obtain passwords configured in jobs to obtain them...

8.8CVSS6.6AI score
Exploits0References2
CVE
CVE
added 2019/03/08 9:0 p.m.56 views

CVE-2019-1003039

Summary: CVE-2019-1003039 concerns the Jenkins AppDynamics Dashboard Plugin (versions ≤ 1.0.14) with an issue in AppDynamicsResultsPublisher.java that allowed attackers with no special permissions to obtain passwords configured in jobs. The root cause is insufficient protection of credentials sto...

8.8CVSS8.5AI score0.01399EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2019/03/08 12:0 a.m.4 views

PT-2019-11332 · Jenkins · Jenkins Appdynamics Dashboard Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins AppDynamics Dashboard Plugin versions 1.0.14 and earlier Description: The issue allows attackers without permission to obtain passwords configured in jobs. This is due to insufficient protection of credentials in the JenkinsAppDynamic...

8.8CVSS8.4AI score0.01399EPSS
Exploits0References6
CNVD
CNVD
added 2018/06/12 12:0 a.m.2 views

Cisco AppDynamics App iQ Platform SQL Injection Vulnerability

Cisco AppDynamics App iQ Platform is a real-time application and business performance monitoring solution from Cisco. A SQL injection vulnerability exists in the Enterprise Console in versions prior to Cisco AppDynamics App iQ Platform 4.4.3.10598 HF4. A remote attacker could exploit the...

9.8CVSS7.9AI score0.01355EPSS
Exploits0References1
Prion
Prion
added 2018/06/08 8:29 p.m.22 views

Sql injection

The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 HF4 allows SQL injection, aka the Security Advisory 2089 issue...

7.5CVSS9.6AI score0.01355EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/06/08 8:29 p.m.16 views

CVE-2018-0225

The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 HF4 allows SQL injection, aka the Security Advisory 2089 issue...

9.8CVSS9.7AI score0.01355EPSS
Exploits0References1
OSV
OSV
added 2018/06/08 8:29 p.m.4 views

CVE-2018-0225

The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 HF4 allows SQL injection, aka the Security Advisory 2089 issue...

9.8CVSS5.8AI score0.01355EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2018/06/08 8:0 p.m.6 views

CVE-2018-0225

The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 HF4 allows SQL injection, aka the Security Advisory 2089 issue...

7.5AI score0.01355EPSS
Exploits0References1
CVE
CVE
added 2018/06/08 8:0 p.m.48 views

CVE-2018-0225

CVE-2018-0225 concerns the Cisco AppDynamics App iQ Platform Enterprise Console, vulnerable in versions prior to 4.4.3.10598 (HF4). The connected sources specify a SQL injection vulnerability in the Enterprise Console, with a CVSSv3 base score of 9.8 (CRITICAL) and CVSSv2 base score of 7.5 (HIGH)...

9.8CVSS9.5AI score0.01355EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/06/08 8:0 p.m.15 views

CVE-2018-0225

The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 HF4 allows SQL injection, aka the Security Advisory 2089 issue...

9.7AI score0.01355EPSS
Exploits0References1
Rows per page
Query Builder