4 matches found
CVE-2024-38329
IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0 could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of user permission. By sending a specially crafted request, an attacker could exploit this...
CVE-2024-38329
IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0 could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of user permission. By sending a specially crafted request, an attacker could exploit this...
Missing permission checks in Jenkins Periodic Backup Plugin allow every user to change settings
The Periodic Backup Plugin did not perform any permission checks, allowing any user with Overall/Read access to change its settings, trigger backups, restore backups, download backups, and also delete all previous backups via log rotation. Additionally, the plugin was not requiring requests to it...
CVE-2017-1000086
Summary: Multiple sources report a vulnerability in the Jenkins Periodic Backup Plugin (CVE-2017-1000086) involving missing permission checks and CSRF exposure. Affected component: Jenkins Periodic Backup Plugin (version 1.4 and earlier, per CNVD/CVE references). Root cause (as stated): The plugi...