Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2023/04/13 12:0 a.m.24 views

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.15 Multiple Vulnerabilities (CloudBees Security Advisory 2023-04-12)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.15. It is, therefore, affected by multiple vulnerabilities including the following: - Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask i.e....

8.8CVSS5.9AI score0.0078EPSS
Exploits0References21
NVD
NVD
added 2023/04/12 6:15 p.m.27 views

CVE-2023-30518

A missing permission check in Jenkins Thycotic Secret Server Plugin 1.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS4.5AI score0.00519EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/12 5:5 p.m.7 views

CVE-2023-30518

A missing permission check in Jenkins Thycotic Secret Server Plugin 1.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

6.4AI score0.00519EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/12 5:5 p.m.31 views

CVE-2023-30518

A missing permission check in Jenkins Thycotic Secret Server Plugin 1.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.8AI score0.00519EPSS
Exploits0References2
CVE
CVE
added 2023/04/12 5:5 p.m.52 views

CVE-2023-30518

This CVE (CVE-2023-30518) affects Jenkins Thycotic Secret Server Plugin 1.0.2 and earlier. Root cause: a missing permission check in the plugin’s HTTP endpoint. Impact: attackers with Overall/Read can enumerate credentials IDs of credentials stored in Jenkins, potentially aiding credential exposu...

4.3CVSS4.4AI score0.00519EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder