NotCVE - vendor:"Jenkins" product:"Azure Credentials"

4 results (0.003 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-25766

https://notcve.org/view.php?id=CVE-2023-25766

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. • http://www.openwall.com/lists/oss-security/2023/02/15/4 https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-1757 • CWE-862: Missing Authorization •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-25768

https://notcve.org/view.php?id=CVE-2023-25768

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server. • http://www.openwall.com/lists/oss-security/2023/02/15/4 https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-1756 • CWE-862: Missing Authorization •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-25767

https://notcve.org/view.php?id=CVE-2023-25767

A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server. • http://www.openwall.com/lists/oss-security/2023/02/15/4 https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-1756 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-10303

https://notcve.org/view.php?id=CVE-2019-10303

Jenkins Azure PublisherSettings Credentials Plugin 1.2 and earlier stored credentials unencrypted in the credentials.xml file on the Jenkins master where they could be viewed by users with access to the master file system. Jenkins Azure PublisherSettings Credentials Plugin version 1.2 y anteriores, tiene las credenciales almacenadas sin cifrar en el archivo credenciales.xml en el servidor maestro de Jenkins donde pueden ser vistas por los usuarios con acceso al sistema de archivos maestro. • http://www.securityfocus.com/bid/108045 https://jenkins.io/security/advisory/2019-04-17/#SECURITY-844 • CWE-522: Insufficiently Protected Credentials •