CVE-2023-35149
EUVD-2023-170314.06.2023, 13:15
A missing permission check in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| jenkins | digital.ai_app_management_publisher | 𝑥 ≤ 2.6 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration