cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-24403,https://securityvulnerability.io/vulnerability/CVE-2025-24403,Jenkins Azure Service Fabric Plugin Vulnerability Exposes Azure Credentials,"The Jenkins Azure Service Fabric Plugin, version 1.6 and prior, contains a critical security flaw due to a missing permission check. This vulnerability enables attackers who possess Overall/Read permissions to enumerate credential IDs of Azure credentials stored within Jenkins. This unauthorized access could potentially lead to further exploitation of sensitive data, emphasizing the need for prompt security patches and updates to safeguard configurations.",Jenkins,Jenkins Azure Service Fabric Plugin,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,false,false,false,2025-01-22T17:02:55.460Z,0
CVE-2025-24402,https://securityvulnerability.io/vulnerability/CVE-2025-24402,Cross-Site Request Forgery in Jenkins Azure Service Fabric Plugin by Jenkins,"A cross-site request forgery (CSRF) vulnerability exists in the Jenkins Azure Service Fabric Plugin 1.6 and earlier, allowing attackers to leverage specially crafted requests to connect to a Service Fabric URL. This can be achieved using attacker-specified credential IDs that are obtained through other methods, potentially leading to unauthorized access or manipulation of services.",Jenkins,Jenkins Azure Service Fabric Plugin,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,false,false,false,2025-01-22T17:02:54.831Z,0