Количество 2
Количество 2
CVE-2022-25193
Missing permission checks in Jenkins Snow Commander Plugin 1.10 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
GHSA-2phq-ghf8-6586
Jenkins Snow Commander Plugin prior to 2.0 vulnerable to Missing Authorization
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-25193 Missing permission checks in Jenkins Snow Commander Plugin 1.10 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | CVSS3: 6.5 | 0% Низкий | почти 4 года назад |
| GHSA-2phq-ghf8-6586 Jenkins Snow Commander Plugin prior to 2.0 vulnerable to Missing Authorization | CVSS3: 5.4 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу