2 matches found
CVE-2023-40347
Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...
CVE-2023-40347
The CVE-2023-40347 entry concerns the Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin, affected in versions 1.14 and earlier. The root cause is that the plugin does not set the appropriate context for credentials lookup, enabling attackers with Item/Configure permission to access and cap...