35 matches found
CloudBees Jenkins Nomad Plugin Authorization Issues Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . OctopusDeploy Plugin is used in which a...
CloudBees Jenkins Nomad Plugin Cross-Site Request Forgery Vulnerability
CloudBees Jenkins Hudson Labs is a set of U.S. CloudBees company based on Java development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Nomad Plugin is used in one of the workload according t...
CVE-2019-1003092
A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...
CVE-2019-1003093
A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
CVE-2019-1003092
A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...
CVE-2019-1003093
A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...
Input validation
A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
CVE-2019-1003093
A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
CVE-2019-1003092
A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...
CVE-2019-1003092
The CVE-2019-1003092 entry concerns a cross-site request forgery in the Jenkins Nomad Plugin, specifically in the NomadCloud.DescriptorImpl#doTestConnection form validation. The vulnerability allows an attacker to cause the plugin to initiate a connection to a server of the attacker’s choosing. D...
CVE-2019-1003093
CVE-2019-1003093 corresponds to a Jenkins Nomad Plugin issue where a missing permission check in NomadCloud.DescriptorImpl#doTestConnection allows attackers with Overall/Read to initiate a connection to a server chosen by the attacker. The vulnerability affects the Jenkins Nomad Plugin; impact de...
CVE-2019-1003092
A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...
PT-2019-11383 · Jenkins · Jenkins Nomad Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Nomad Plugin affected versions not specified Description: A missing permission check in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an...
PT-2019-11382 · Jenkins · Jenkins Nomad Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Nomad Plugin affected versions not specified Description: A cross-site request forgery issue exists in the NomadCloud.DescriptorImpldoTestConnection form validation method, allowing attackers to initiate a connection to an...