12 matches found
EUVD-2022-2476
Malicious code in bioql PyPI...
GHSA-5293-3FGP-CR3X Missing permission checks in Jenkins Periodic Backup Plugin allow every user to change settings
The Periodic Backup Plugin did not perform any permission checks, allowing any user with Overall/Read access to change its settings, trigger backups, restore backups, download backups, and also delete all previous backups via log rotation. Additionally, the plugin was not requiring requests to it...
Missing permission checks in Jenkins Periodic Backup Plugin allow every user to change settings
The Periodic Backup Plugin did not perform any permission checks, allowing any user with Overall/Read access to change its settings, trigger backups, restore backups, download backups, and also delete all previous backups via log rotation. Additionally, the plugin was not requiring requests to it...
Problem in taking a backup of ADC VPX from ADM
ADM is unable to take periodic backups of ADC and manual backups fail too. Here are the errors that we see in mpsconfig.log in ADM: SCP: Unable to open a session on 192.168.x.x Tuesday, 8 Oct 19 16:00:08.872 +1100 Error DeviceBackup541 Backup: Error uploading /mps/nssystembackup.pl on Citrix ADC...
CVE-2017-1000086
The Periodic Backup Plugin did not perform any permission checks, allowing any user with Overall/Read access to change its settings, trigger backups, restore backups, download backups, and also delete all previous backups via log rotation. Additionally, the plugin was not requiring requests to it...
CVE-2017-1000086
Summary: Multiple sources report a vulnerability in the Jenkins Periodic Backup Plugin (CVE-2017-1000086) involving missing permission checks and CSRF exposure. Affected component: Jenkins Periodic Backup Plugin (version 1.4 and earlier, per CNVD/CVE references). Root cause (as stated): The plugi...
CloudBees Jenkins Periodic Backup Plugin Security Bypass Vulnerability
CloudBees Jenkins is a set of U.S. CloudBees continuous integration tools based on Java development, it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task. Periodic Backup Plugin is one of the file regular backup...
[SECURITY] Fedora 20 Update: rdiff-backup-1.2.8-14.fc20
rdiff-backup is a script, written in Python, that backs up one directory to another and is intended to be run periodically (nightly from cron for instance). The target directory ends up a copy of the source directory, but extra reverse diffs are stored in the target directory, so you can still...
[SECURITY] Fedora 22 Update: rdiff-backup-1.2.8-14.fc22
rdiff-backup is a script, written in Python, that backs up one directory to another and is intended to be run periodically (nightly from cron for instance). The target directory ends up a copy of the source directory, but extra reverse diffs are stored in the target directory, so you can still...
Cisco Identity Services Engine Periodic Backup Password Disclosure Vulnerability
A vulnerability in the periodic backup functionality of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to discover the password used to encrypt the backup on the system. The vulnerability is due to improper processing of certain client requests by the affected...
Design/Logic Flaw
The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to discover backup-encryption passwords via a crafted request that triggers inclusion of a password in a reply, aka Bug ID CSCur41673...
CVE-2014-8017
Cisco Identity Services Engine (ISE) periodic-backup password disclosure vulnerability (CVE-2014-8017) arises from improper processing of certain client requests. An unauthenticated, remote attacker can trigger a crafted request that causes the backup password to be included in a reply, enabling ...