Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:24 a.m.11 views

CVE-2023-43501

A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password...

6.5CVSS6.6AI score0.00504EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/09/25 12:0 a.m.39 views

Jenkins Plugins Multiple Vulnerabilities (2023-09-20)

According to its self-reported version number, the version of Jenkins plugins running on the remote web server is affected by multiple vulnerabilities: - Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not escape Failure Cause names in build logs, resulting in a stored cross-site...

8.8CVSS5.8AI score0.00521EPSS
Exploits0References5
NVD
NVD
added 2023/09/20 5:15 p.m.37 views

CVE-2023-43501

A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password...

6.5CVSS6.9AI score0.00504EPSS
Exploits0References2
CVE
CVE
added 2023/09/20 4:6 p.m.65 views

CVE-2023-43501

CVE-2023-43501 affects Jenkins Build Failure Analyzer Plugin (versions ≤ 2.4.1). A missing permission check in the plugin’s connection-test endpoint allows attackers with Overall/Read to reach an attacker-specified hostname:port using attacker-specified credentials, per initial description. Conne...

6.5CVSS6.2AI score0.00504EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/09/20 4:6 p.m.41 views

CVE-2023-43501

A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password...

6.8AI score0.00504EPSS
Exploits0References2
Rows per page
Query Builder