cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-25193,https://securityvulnerability.io/vulnerability/CVE-2022-25193,Unauthorized Access Risk in Jenkins Snow Commander Plugin by Jenkins,"The Jenkins Snow Commander Plugin, in versions 1.10 and earlier, contains a security flaw due to inadequate permission validation. This vulnerability permits users with Overall/Read permissions to connect to arbitrary webservers using attacker-defined credential IDs. As a consequence, this can lead to unauthorized access to sensitive credentials stored within Jenkins, heightening risks of credential exposure and potential system compromise.",Jenkins,Jenkins Snow Commander Plugin,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-02-15T16:11:21.000Z,0
CVE-2022-25192,https://securityvulnerability.io/vulnerability/CVE-2022-25192,CSRF Vulnerability in Jenkins Snow Commander Plugin,"A cross-site request forgery (CSRF) vulnerability exists in the Jenkins Snow Commander Plugin version 1.10 and earlier. This flaw allows attackers to send unauthorized requests to the Jenkins server, potentially leading to credential theft. By leveraging this vulnerability, attackers can connect to a malicious web server using credentials obtained through other means, compromising the security of Jenkins user accounts.",Jenkins,Jenkins Snow Commander Plugin,8.8,HIGH,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-02-15T16:11:20.000Z,0