Lucene search
+L

4 matches found

NVD
NVD
added 2023/11/29 2:15 p.m.22 views

CVE-2023-49674

A missing permission check in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password...

4.3CVSS0.00479EPSS
Exploits0References2
CVE
CVE
added 2023/11/29 1:45 p.m.55 views

CVE-2023-49674

CVE-2023-49674 affects Jenkins NeuVector Vulnerability Scanner Plugin ≤ 1.22. A missing permission check in a connection test HTTP endpoint (and CSRF-vulnerable behavior) lets attackers with Overall/Read connect to an attacker-specified hostname and port using attacker-specified credentials, pote...

4.3CVSS4.4AI score0.00479EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/11/29 1:45 p.m.32 views

CVE-2023-49674

A missing permission check in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password...

5.1AI score0.00479EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/29 12:0 a.m.46 views

Jenkins plugins Multiple Vulnerabilities (2023-11-29)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Medium Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing the use of system-scoped...

9.8CVSS6.7AI score0.00844EPSS
Exploits0References8
Rows per page
Query Builder