CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-33001

Jenkins HashiCorp Vault Plugin 360.v0a_1c04cf807d and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.7%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3077
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3077

Products affected by CVE-2023-33001

Jenkins » Hashicorp Vault » Version: Any

cpe:2.3:a:jenkins:hashicorp_vault:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-33001

Products

Pricing

Contact Us