cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-10310,https://securityvulnerability.io/vulnerability/CVE-2019-10310,,"A cross-site request forgery vulnerability in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection form validation method allowed attackers permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins",Jenkins,Jenkins Ansible Tower Plugin,8.8,HIGH,0.002839999971911311,false,,false,false,false,,,false,false,,2019-04-30T12:25:17.000Z,0
CVE-2019-10311,https://securityvulnerability.io/vulnerability/CVE-2019-10311,,"A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection form validation method allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.",Jenkins,Jenkins Ansible Tower Plugin,8.8,HIGH,0.0031799999997019768,false,,false,false,false,,,false,false,,2019-04-30T12:25:17.000Z,0
CVE-2019-10312,https://securityvulnerability.io/vulnerability/CVE-2019-10312,,A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.,Jenkins,Jenkins Ansible Tower Plugin,4.3,MEDIUM,0.0012499999720603228,false,,false,false,false,,,false,false,,2019-04-30T12:25:17.000Z,0