cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-27199,https://securityvulnerability.io/vulnerability/CVE-2022-27199,Missing Permission Check in Jenkins CloudBees AWS Credentials Plugin,"The Jenkins CloudBees AWS Credentials Plugin has a vulnerability due to a missing permission check, enabling attackers with Overall/Read permission to connect to AWS services using an attacker-specified token. This could lead to unauthorized access and potential exploitation of AWS resources, compromising the security of the hosting environment.",Jenkins,Jenkins Cloudbees Aws Credentials Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-03-15T16:45:43.000Z,0
CVE-2022-27198,https://securityvulnerability.io/vulnerability/CVE-2022-27198,CSRF Vulnerability in Jenkins CloudBees AWS Credentials Plugin,"A cross-site request forgery (CSRF) vulnerability has been identified in the Jenkins CloudBees AWS Credentials Plugin, enabling attackers with Overall/Read permission to initiate actions on AWS services using an attacker-defined token. This security flaw could allow unauthorized access, potentially compromising AWS credentials and exposing sensitive data.",Jenkins,Jenkins Cloudbees Aws Credentials Plugin,8,HIGH,0.0007800000021234155,false,,false,false,false,,,false,false,,2022-03-15T16:45:41.000Z,0
CVE-2021-21625,https://securityvulnerability.io/vulnerability/CVE-2021-21625,,"Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier does not perform a permission check in a helper method for HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins in some circumstances.",Jenkins,Jenkins Cloudbees Aws Credentials Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-03-18T13:35:23.000Z,0