Lucene search
+L

35 matches found

cnvd
cnvd
added 2019/08/23 12:0 a.m.3 views

CloudBees Jenkins Nomad Plugin Authorization Issues Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . OctopusDeploy Plugin is used in which a...

6.5CVSS6.9AI score0.01536EPSS
Exploits0References1
cnvd
cnvd
added 2019/04/11 12:0 a.m.5 views

CloudBees Jenkins Nomad Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is a set of U.S. CloudBees company based on Java development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Nomad Plugin is used in one of the workload according t...

6.5CVSS6.8AI score0.01296EPSS
Exploits0References1
nvd
nvd
added 2019/04/04 4:29 p.m.31 views

CVE-2019-1003092

A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.3AI score0.01296EPSS
Exploits0References3
nvd
nvd
added 2019/04/04 4:29 p.m.30 views

CVE-2019-1003093

A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.3AI score0.01536EPSS
Exploits0References3
osv
osv
added 2019/04/04 4:29 p.m.5 views

CVE-2019-1003092

A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score0.01296EPSS
Exploits0References3
osv
osv
added 2019/04/04 4:29 p.m.15 views

CVE-2019-1003093

A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.5AI score
Exploits0References3
prion
prion
added 2019/04/04 4:29 p.m.21 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

4.3CVSS6.3AI score0.01296EPSS
Exploits0References3
prion
prion
added 2019/04/04 4:29 p.m.17 views

Input validation

A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

4CVSS6.3AI score0.01536EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2019/04/04 3:38 p.m.35 views

CVE-2019-1003093

A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.3AI score0.01536EPSS
Exploits0References3
cvelist
cvelist
added 2019/04/04 3:38 p.m.36 views

CVE-2019-1003092

A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.3AI score0.01296EPSS
Exploits0References3
cve
cve
added 2019/04/04 3:38 p.m.65 views

CVE-2019-1003092

The CVE-2019-1003092 entry concerns a cross-site request forgery in the Jenkins Nomad Plugin, specifically in the NomadCloud.DescriptorImpl#doTestConnection form validation. The vulnerability allows an attacker to cause the plugin to initiate a connection to a server of the attacker’s choosing. D...

6.5CVSS6.3AI score0.01296EPSS
Exploits0References3Affected Software1
cve
cve
added 2019/04/04 3:38 p.m.54 views

CVE-2019-1003093

CVE-2019-1003093 corresponds to a Jenkins Nomad Plugin issue where a missing permission check in NomadCloud.DescriptorImpl#doTestConnection allows attackers with Overall/Read to initiate a connection to a server chosen by the attacker. The vulnerability affects the Jenkins Nomad Plugin; impact de...

6.5CVSS6.2AI score0.01536EPSS
Exploits0References3Affected Software1
alpinelinux
alpinelinux
added 2019/04/04 3:38 p.m.28 views

CVE-2019-1003092

A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS4.9AI score0.01296EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2019/04/04 12:0 a.m.5 views

PT-2019-11383 · Jenkins · Jenkins Nomad Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Nomad Plugin affected versions not specified Description: A missing permission check in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an...

6.5CVSS6.2AI score0.01536EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2019/04/04 12:0 a.m.5 views

PT-2019-11382 · Jenkins · Jenkins Nomad Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Nomad Plugin affected versions not specified Description: A cross-site request forgery issue exists in the NomadCloud.DescriptorImpldoTestConnection form validation method, allowing attackers to initiate a connection to an...

6.5CVSS6.2AI score0.01296EPSS
Exploits0References7
Rows per page
Query Builder