Vulnerability Details CVE-2023-46652
A missing permission check in Jenkins lambdatest-automation Plugin 1.20.9 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of LAMBDATEST credentials stored in Jenkins.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.1%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2023-46652
-
cpe:2.3:a:jenkins:lambdatest-automation:-
-
cpe:2.3:a:jenkins:lambdatest-automation:1.10
-
cpe:2.3:a:jenkins:lambdatest-automation:1.14.3
-
cpe:2.3:a:jenkins:lambdatest-automation:1.14.4
-
cpe:2.3:a:jenkins:lambdatest-automation:1.15
-
cpe:2.3:a:jenkins:lambdatest-automation:1.16.1
-
cpe:2.3:a:jenkins:lambdatest-automation:1.16.2
-
cpe:2.3:a:jenkins:lambdatest-automation:1.18
-
cpe:2.3:a:jenkins:lambdatest-automation:1.19
-
cpe:2.3:a:jenkins:lambdatest-automation:1.19.2
-
cpe:2.3:a:jenkins:lambdatest-automation:1.19.3
-
cpe:2.3:a:jenkins:lambdatest-automation:1.19.4
-
cpe:2.3:a:jenkins:lambdatest-automation:1.20.1
-
cpe:2.3:a:jenkins:lambdatest-automation:1.20.4
-
cpe:2.3:a:jenkins:lambdatest-automation:1.20.5
-
cpe:2.3:a:jenkins:lambdatest-automation:1.20.9
-
cpe:2.3:a:jenkins:lambdatest-automation:1.6