4 matches found
CVE-2023-49883
IBM Transformation Extender Advanced 10.0.1 is affected by a weak-password vulnerability: it does not require strong passwords by default, enabling potential account compromise. Affected product: Transformation Extender Advanced (IBM Standards Processing Engine). Root cause: weak password require...
CVE-2023-49883 IBM Transformation Extender Advanced information disclosure
IBM Transformation Extender Advanced 10.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts...
pipeline-build-step: Password parameter default values exposed
A flaw was found in Jenkins pipeline-build-step where it revealed password parameter default values when generating a pipeline script using the Pipeline snippet generator. This flaw allows attackers with item/read permission to retrieve the default password parameter value from jobs and compromis...
Jenkins Pipeline 信息泄露漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.An information disclosure vulnerability exists in Jenkins Pipeline Build Step Plugin 2.15 and earlier versions, which stem...