Lucene search

K
vulnrichmentJenkinsVULNRICHMENT:CVE-2023-41932
HistorySep 06, 2023 - 12:08 p.m.

CVE-2023-41932

2023-09-0612:08:53
jenkins
github.com
jenkins
configuration history plugin
1227.v7a_79fc4dc01f
deletion
directories
file system

AI Score

6.6

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict ‘timestamp’ query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called ‘history.xml’.

AI Score

6.6

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2023-41932