cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-28162,https://securityvulnerability.io/vulnerability/CVE-2024-28162,SSL/TLS Certificate Validation Bypass in Jenkins Delphix Plugin,In Jenkins Delphix Plugin 3.0.1 through 3.1.0 (both inclusive) a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation.,Jenkins,Jenkins Delphix Plugin,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-06T17:02:02.667Z,0
CVE-2024-28161,https://securityvulnerability.io/vulnerability/CVE-2024-28161,Disabling SSL/TLS Certificate Validation for Data Control Tower Connections,"In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections is disabled by default.",Jenkins,Jenkins Delphix Plugin,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-06T17:02:02.033Z,0
CVE-2023-40345,https://securityvulnerability.io/vulnerability/CVE-2023-40345,Credential Enumeration Vulnerability in Jenkins Delphix Plugin by Delphix,"The Jenkins Delphix Plugin versions 3.0.2 and earlier have a vulnerability that allows attackers with Overall/Read permission to inadvertently access and capture sensitive credentials. This issue stems from improper context settings during credentials lookup, which can potentially expose authentication details that should be restricted. Organizations using this plugin should promptly update to mitigate the risk of unauthorized credential access.",Jenkins,Jenkins Delphix Plugin,6.5,MEDIUM,0.0012199999764561653,false,,false,false,false,,,false,false,,2023-08-16T15:15:00.000Z,0
CVE-2023-40344,https://securityvulnerability.io/vulnerability/CVE-2023-40344,Jenkins Delphix Plugin Vulnerability Allows Credential Enumeration,"The Jenkins Delphix Plugin prior to version 3.0.2 contains a vulnerability that allows users with Overall/Read permission to potentially enumerate credentials IDs. This flaw arises due to a lack of proper permission checks, exposing sensitive data stored in Jenkins. Organizations using the affected versions should assess their security posture and consider implementing updates to mitigate risks related to unauthorized credential access.",Jenkins,Jenkins Delphix Plugin,4.3,MEDIUM,0.0007399999885819852,false,,false,false,false,,,false,false,,2023-08-16T15:15:00.000Z,0
CVE-2019-10453,https://securityvulnerability.io/vulnerability/CVE-2019-10453,,Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.,Jenkins,Jenkins Delphix Plugin,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-10-16T13:00:52.000Z,0