CVE-2023-37944 in Datadog Pluginالمعلومات

الملخص

بحسب MITRE • 12/07/2023

A missing permission check in Jenkins Datadog Plugin 5.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Be aware that VulDB is the high quality source for vulnerability data.

حجز

11/07/2023

إفشاء

12/07/2023

الاعتدال

تمت الموافقة

إدخال

VDB-233905

EPSS

0.00691

KEV

لا

النشاطات

منخفض جدًا

المصادر

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!