Lucene search
K

26 matches found

CVE
CVE
added 2019/04/04 3:38 p.m.57 views

CVE-2019-10289

Jenkins Netsparker Cloud Scan Plugin

6.5CVSS6.3AI score0.01339EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/04/04 3:38 p.m.30 views

CVE-2019-10291

Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...

8.7AI score0.01832EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/04/04 3:38 p.m.30 views

CVE-2019-10290

A missing permission check in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpldoValidateAPI form validation method allowed attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.3AI score0.01536EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/04/04 3:38 p.m.27 views

CVE-2019-10289

A cross-site request forgery vulnerability in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpldoValidateAPI form validation method allowed attackers to initiate a connection to an attacker-specified server...

6.3AI score0.01339EPSS
Exploits0References3
CVE
CVE
added 2019/04/04 3:38 p.m.66 views

CVE-2019-10291

Summary (concrete details): CVE-2019-10291 concerns the Jenkins Netsparker Cloud Scan Plugin (version 1.1.5 and older) which stored credentials in plaintext in the Jenkins master/global configuration file, exposing them to anyone with file-system access. Related connected data show the Enterprise...

8.8CVSS8.6AI score0.01832EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.6 views

PT-2019-11692 · Jenkins · Jenkins Netsparker Cloud Scan Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Netsparker Cloud Scan Plugin version 1.1.5 and older Description: A missing permission check in the NCScanBuilder.DescriptorImpldoValidateAPI form validation method allows attackers with Overall/Read permission to initiate a connectio...

6.5CVSS6.3AI score0.01536EPSS
Exploits0References6
Rows per page
Query Builder