CVE-2023-37949
- EPSS 0.09%
- Published 12.07.2023 16:15:13
- Last modified 21.11.2024 08:12:31
A missing permission check in Jenkins Orka by MacStadium Plugin 1.33 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing...
CVE-2023-24431
- EPSS 0.18%
- Published 26.01.2023 21:18:17
- Last modified 02.04.2025 15:15:55
A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVE-2023-24432
- EPSS 0.17%
- Published 26.01.2023 21:18:17
- Last modified 02.04.2025 15:15:55
A cross-site request forgery (CSRF) vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturi...
CVE-2023-24433
- EPSS 0.16%
- Published 26.01.2023 21:18:17
- Last modified 02.04.2025 14:15:37
Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, cap...