cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-25766,https://securityvulnerability.io/vulnerability/CVE-2023-25766,Missing Permission Check in Jenkins Azure Credentials Plugin,"The Jenkins Azure Credentials Plugin suffers from a missing permission check, enabling attackers with Overall/Read permission to enumerate the IDs of credentials stored within Jenkins. This flaw poses a security risk as it allows unauthorized access to sensitive credential information, potentially leading to further exploits within the Jenkins environment.",Jenkins,Jenkins Azure Credentials Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2023-02-15T00:00:00.000Z,0
CVE-2023-25767,https://securityvulnerability.io/vulnerability/CVE-2023-25767,Cross-Site Request Forgery Vulnerability in Jenkins Azure Credentials Plugin,"A vulnerability in the Azure Credentials Plugin for Jenkins allows for cross-site request forgery, enabling attackers to connect to malicious web servers by exploiting the trust that the Jenkins application has in the user's session. This could result in unauthorized actions being performed without the user's consent, representing a significant security risk for Jenkins users.",Jenkins,Jenkins Azure Credentials Plugin,8.8,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2023-02-15T00:00:00.000Z,0
CVE-2023-25768,https://securityvulnerability.io/vulnerability/CVE-2023-25768,Insecure Permission Handling in Jenkins Azure Credentials Plugin,"The Azure Credentials Plugin for Jenkins exhibits a vulnerability due to a missing permission check that could allow users with Overall/Read permissions to connect to an attacker-defined web server. This flaw could be exploited by malicious actors to perform unauthorized actions, highlighting the need for urgent updates and security assessments within Jenkins environments utilizing this plugin.",Jenkins,Jenkins Azure Credentials Plugin,6.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2023-02-15T00:00:00.000Z,0
CVE-2019-10303,https://securityvulnerability.io/vulnerability/CVE-2019-10303,,Jenkins Azure PublisherSettings Credentials Plugin 1.2 and earlier stored credentials unencrypted in the credentials.xml file on the Jenkins master where they could be viewed by users with access to the master file system.,Jenkins,Jenkins Azure Publishersettings Credentials Plugin,8.8,HIGH,0.0014400000218302011,false,,false,false,false,,,false,false,,2019-04-18T16:54:18.000Z,0