CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Cisco Spark >> 1.1.1 Security Vulnerabilities

CVE-2023-24451

A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

CVSS Score

4.3

EPSS Score

0.002

Published

2023-01-26

CVE-2022-34808

Jenkins Cisco Spark Plugin 1.1.1 and earlier stores bearer tokens unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.

CVSS Score

4.3

EPSS Score

0.005

Published

2022-06-30

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Cisco Spark >> 1.1.1 Security Vulnerabilities

Products

Pricing

Contact Us