CVE-2023-41943
06.09.2023, 13:15
Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue.Enginsight
| Vendor | Product | Version |
|---|---|---|
| jenkins | aws_codecommit_trigger | 𝑥 ≤ 3.0.12 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration