cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-27216,https://securityvulnerability.io/vulnerability/CVE-2022-27216,Unencrypted JDBC Passwords Vulnerability in Jenkins dbCharts Plugin,"The Jenkins dbCharts Plugin prior to version 0.5.3 has a significant security flaw where JDBC connection passwords are stored in an unencrypted format within the global configuration file of the Jenkins controller. This configuration file can be accessed by any user with file system permissions to the Jenkins controller, leading to potential unauthorized access to sensitive database credentials. It is crucial for Jenkins administrators to upgrade to at least version 0.5.3 to mitigate the risk associated with this vulnerability and protect sensitive data from exposure.",Jenkins,Jenkins Dbcharts Plugin,6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2022-03-15T16:46:08.000Z,0
CVE-2022-25206,https://securityvulnerability.io/vulnerability/CVE-2022-25206,Database Access Vulnerability in Jenkins dbCharts Plugin by Jenkins,"The Jenkins dbCharts Plugin, affecting versions 0.5.2 and earlier, contains an access control flaw that allows users with Overall/Read permissions to connect to an external database via JDBC. This is done using credentials specified by the attacker, potentially giving them unauthorized access to sensitive data within the database.",Jenkins,Jenkins Dbcharts Plugin,8.8,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2022-02-15T16:11:42.000Z,0
CVE-2022-25205,https://securityvulnerability.io/vulnerability/CVE-2022-25205,Cross-Site Request Forgery in Jenkins dbCharts Plugin by Jenkins,"A cross-site request forgery (CSRF) vulnerability exists in the dbCharts Plugin for Jenkins, allowing attackers to exploit the system. If successfully exploited, an attacker can connect to a database of their choosing via JDBC using arbitrary credentials. Additionally, this vulnerability enables attackers to verify the availability of specific classes within the Jenkins instance, potentially exposing sensitive information.",Jenkins,Jenkins Dbcharts Plugin,8.8,HIGH,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-02-15T16:11:41.000Z,0