CVE-2023-32990
CVSS v3.1
6.5 (Medium)
EPSS
0.05 % (18th)
Affected Products
1
Advisories
2
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method.
Weaknesses
- CWE-732
- Incorrect Permission Assignment for Critical Resource
- CVE Status
- PUBLISHED
- CNA
- Jenkins Project
- Published Date
-
2023-05-16 17:15:11
(16 months ago) - Updated Date
-
2023-05-26 02:13:30
(16 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...