CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Jenkins: >> Libvirt Slaves >> 1.2 Security Vulnerabilities

CVE-2019-10471

A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVSS Score

8.8

EPSS Score

0.001

Published

2019-10-23

CVE-2019-10472

A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVSS Score

6.5

EPSS Score

0.0

Published

2019-10-23

CVE-2019-10473

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.

CVSS Score

4.3

EPSS Score

0.0

Published

2019-10-23

Page 1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved