OpenCVE

Filtered by vendor Jenkins Subscriptions

Filtered by product Azure Credentials Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-25768	1 Jenkins	1 Azure Credentials	2024-08-02	6.5 Medium
A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server.
CVE-2023-25767	1 Jenkins	1 Azure Credentials	2024-08-02	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server.
CVE-2023-25766	1 Jenkins	1 Azure Credentials	2024-08-02	4.3 Medium
A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

Page 1 of 1.