CVE-2023-32263
19.07.2023, 16:15
A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability only applies when the Jenkins plugin is configured to use login certificate credentials. https://www.jenkins.io/security/advisory/2023-06-14/Enginsight
| Vendor | Product | Version |
|---|---|---|
| microfocus | dimensions_cm | 0.8.17 ≤ 𝑥 ≤ 0.9.3 |
𝑥
= Vulnerable software versions