Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jenkins 插件权限许可和访问控制问题漏洞
Vulnerability Description
Jenkins 插件是为Jenkins提供相应功能得插件。 Jenkins Checkmarx 插件 2022.1.2 及更早版本中存在安全漏洞,该漏洞允许具有总体/读取权限的攻击者使用通过另一种方法获取的攻击者指定的凭据 ID 连接到攻击者指定的网络服务器,捕获存储在 Jenkins 中的凭据。
CVSS Information
N/A
Vulnerability Type
N/A