CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/05/22 7:46 a.m.•5 views

CVE-2019-10473

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS6.4AI score0.00031EPSS

RedhatCVE•added 2025/05/22 4:14 a.m.•3 views

CVE-2019-10472

A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.4AI score0.00048EPSS

Github Security Blog•added 2022/05/24 4:59 p.m.•20 views

Jenkins Libvirt Slaves Plugin vlnerable to Credential Enumeration

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS4.3AI score0.00031EPSS

Exploits0References6Affected Software1

CNVD•added 2019/10/28 12:0 a.m.•1 views

CloudBees Jenkins Libvirt Slaves Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Libvirt Slaves Plugin is used in one of the plug-in for controlling guest domains...

6.5CVSS6.4AI score0.00048EPSS

CNVD•added 2019/10/28 12:0 a.m.•1 views

CloudBees Jenkins Libvirt Slaves Plugin Cross-Site Request Pseudo-Vulnerability (CNVD-2019-38512)

8.8CVSS6.7AI score0.00093EPSS

CNVD•added 2019/10/28 12:0 a.m.•2 views

CloudBees Jenkins Libvirt Slaves Plugin Enumeration Credentials Vulnerability

4.3CVSS6.5AI score0.00031EPSS

OSV•added 2019/10/23 1:15 p.m.•16 views

CVE-2019-10472

6.5CVSS6.6AI score

NVD•added 2019/10/23 1:15 p.m.•11 views

CVE-2019-10471

8.8CVSS8.6AI score0.00093EPSS

OSV•added 2019/10/23 1:15 p.m.•11 views

CVE-2019-10471

8.8CVSS6.7AI score

NVD•added 2019/10/23 1:15 p.m.•8 views

CVE-2019-10473

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS4.5AI score0.00031EPSS

OSV•added 2019/10/23 1:15 p.m.•11 views

CVE-2019-10473

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS6.6AI score

Prion•added 2019/10/23 1:15 p.m.•13 views

Cross site request forgery (csrf)

6.8CVSS8.5AI score0.00093EPSS

Prion•added 2019/10/23 1:15 p.m.•12 views

Design/Logic Flaw

4CVSS6.3AI score0.00048EPSS

Cvelist•added 2019/10/23 12:45 p.m.•9 views

CVE-2019-10472

6.3AI score0.00048EPSS

CVE•added 2019/10/23 12:45 p.m.•68 views

CVE-2019-10472

The CVE-2019-10472 involves Jenkins Libvirt Slaves Plugin where a missing permission check allows attackers with Overall/Read to initiate SSH connections to an attacker-controlled server using attacker-controlled credentials IDs, potentially capturing credentials stored in Jenkins. The connected ...

6.5CVSS6.3AI score0.00048EPSS

CVE•added 2019/10/23 12:45 p.m.•58 views

CVE-2019-10473

A vulnerability in the Jenkins Libvirt Slaves Plugin (credential enumeration) arises from a missing permission check in form-related methods. Affected component(s): Libvirt Slaves Plugin, form-related credential handling. Root cause: insufficient access control allows users with Overall/Read to e...

4.3CVSS4.4AI score0.00031EPSS

Cvelist•added 2019/10/23 12:45 p.m.•11 views

CVE-2019-10473

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.4AI score0.00031EPSS