cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-37952,https://securityvulnerability.io/vulnerability/CVE-2023-37952,Cross-Site Request Forgery Vulnerability in Jenkins mabl Plugin,"A cross-site request forgery (CSRF) vulnerability in the Jenkins mabl Plugin versions 0.0.46 and earlier exposes users to significant security risks. This flaw allows attackers to execute requests using credentials they have obtained from other methods, potentially gaining access to sensitive information stored within Jenkins. By exploiting this vulnerability, an attacker could direct the Jenkins server to connect to a URL of their choosing, using the compromised user credentials. It's crucial for users of the mabl Plugin to update to the latest version to mitigate the effects of this vulnerability.",Jenkins,Jenkins Mabl Plugin,6.5,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2023-07-12T16:15:00.000Z,0
CVE-2023-37953,https://securityvulnerability.io/vulnerability/CVE-2023-37953,Missing Permission Check in Jenkins mabl Plugin Allows Credential Exploitation,"A security weakness in the Jenkins mabl Plugin prior to version 0.0.46 allows any attacker with Overall/Read permissions to initiate connections to arbitrary URLs. This exploitation is enabled by the use of attacker-specified credentials IDs, which can be acquired by various means, leading to unauthorized access and potential compromise of sensitive Jenkins credentials.",Jenkins,Jenkins Mabl Plugin,6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-07-12T16:15:00.000Z,0
CVE-2023-37950,https://securityvulnerability.io/vulnerability/CVE-2023-37950,Jenkins mabl Plugin Vulnerability Affects Credential Security,"A missing permission check in the Jenkins mabl Plugin versions 0.0.46 and earlier exposes a significant security flaw. This vulnerability enables attackers with only Overall/Read permissions to gain access to sensitive information, specifically allowing them to enumerate credentials IDs stored within Jenkins, which can lead to further exploits and unauthorized data access.",Jenkins,Jenkins Mabl Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2023-07-12T16:15:00.000Z,0
CVE-2023-37951,https://securityvulnerability.io/vulnerability/CVE-2023-37951,Credential Access Vulnerability in Jenkins mabl Plugin by Jenkins,"The mabl Plugin for Jenkins, specifically versions 0.0.46 and earlier, does not implement proper context for credential lookup. This vulnerability can be exploited by attackers possessing Item/Configure permissions, which allows them to gain unauthorized access to sensitive credentials. Following exploits, malicious actors can capture and exploit these credentials to compromise the security of affected systems. It is crucial for Jenkins users to review the security advisory and ensure that they are using updated versions of this plugin.",Jenkins,Jenkins Mabl Plugin,6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-07-12T16:15:00.000Z,0
CVE-2019-10283,https://securityvulnerability.io/vulnerability/CVE-2019-10283,,"Jenkins mabl Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.",Jenkins,Jenkins Mabl Plugin,8.8,HIGH,0.0031799999997019768,false,,false,false,false,,,false,false,,2019-04-04T15:38:49.000Z,0