Lucene search
+L

15 matches found

redhatcve
redhatcve
added 2025/05/22 10:26 a.m.9 views

CVE-2019-10369

A missing permission check in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained...

6.5CVSS6.4AI score0.00974EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:25 a.m.9 views

CVE-2019-10368

A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified...

8.8CVSS6.4AI score0.008EPSS
Exploits0References1
cnvd
cnvd
added 2019/08/15 12:0 a.m.6 views

CloudBees Jenkins JClouds Plugin Authorization Issues Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . An authorization issue vulnerability exists in CloudBees Jenkins JClouds Plugin, which can be exploited by an attacker to gain access to credentials stored in...

6.5CVSS7AI score0.00974EPSS
Exploits0References1
cnvd
cnvd
added 2019/08/15 12:0 a.m.5 views

CloudBees Jenkins JClouds Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A cross-site request forgery vulnerability exists in CloudBees Jenkins JClouds Plugin, which can be exploited by an attacker to send unintended requests to the...

8.8CVSS6.9AI score0.008EPSS
Exploits0References1
nvd
nvd
added 2019/08/07 3:15 p.m.24 views

CVE-2019-10368

A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified...

8.8CVSS8.6AI score0.008EPSS
Exploits0References5
osv
osv
added 2019/08/07 3:15 p.m.13 views

CVE-2019-10368

A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified...

8.8CVSS6.4AI score
Exploits0References5
nvd
nvd
added 2019/08/07 3:15 p.m.26 views

CVE-2019-10369

A missing permission check in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained...

6.5CVSS6.4AI score0.00974EPSS
Exploits0References5
osv
osv
added 2019/08/07 3:15 p.m.17 views

CVE-2019-10369

A missing permission check in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained...

6.5CVSS6.4AI score
Exploits0References5
prion
prion
added 2019/08/07 3:15 p.m.16 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified...

6.8CVSS8.5AI score0.008EPSS
Exploits0References5Affected Software1
prion
prion
added 2019/08/07 3:15 p.m.14 views

Design/Logic Flaw

A missing permission check in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained...

4CVSS6.3AI score0.00974EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2019/08/07 2:20 p.m.24 views

CVE-2019-10368

A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified...

8.7AI score0.008EPSS
Exploits0References5
cvelist
cvelist
added 2019/08/07 2:20 p.m.27 views

CVE-2019-10369

A missing permission check in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpldoTestConnection and JCloudsCloud.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained...

6.3AI score0.00974EPSS
Exploits0References5
cve
cve
added 2019/08/07 2:20 p.m.56 views

CVE-2019-10369

CVE-2019-10369 — Jenkins JClouds Plugin : A missing permission check in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpl#doTestConnection and JCloudsCloud.DescriptorImpl#doTestConnection allows users with Overall/Read access to connect to an attacker-specified URL using ...

6.5CVSS6.3AI score0.00974EPSS
Exploits0References5Affected Software1
cve
cve
added 2019/08/07 2:20 p.m.55 views

CVE-2019-10368

The CVE-2019-10368 vulnerability affects the Jenkins JClouds Plugin (versions 2.14 and earlier). A cross-site request forgery exists in the form validation paths BlobStoreProfile.DescriptorImpl#doTestConnection and JCloudsCloud.DescriptorImpl#doTestConnection, where an attacker with Overall/Read ...

8.8CVSS8.5AI score0.008EPSS
Exploits0References5Affected Software1
ptsecurity
ptsecurity
added 2019/08/07 12:0 a.m.6 views

PT-2019-11764 · Jenkins · Jenkins Jclouds Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins JClouds Plugin versions 2.14 and earlier Description: A cross-site request forgery issue allows users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs, potentially capturing...

8.8CVSS8.6AI score0.008EPSS
Exploits0References8
Rows per page
Query Builder