Jenkins Azure Credentials
By the Year
In 2023 there have been 3 vulnerabilities in Jenkins Azure Credentials with an average score of 6.5 out of ten. Azure Credentials did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2023 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 3 | 6.53 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Azure Credentials vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Azure Credentials Security Vulnerabilities
A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier
CVE-2023-25766
4.3 - Medium
- February 15, 2023
A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
AuthZ
A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier
CVE-2023-25768
6.5 - Medium
- February 15, 2023
A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server.
AuthZ
A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier
CVE-2023-25767
8.8 - High
- February 15, 2023
A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server.
Session Riding
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Azure Credentials or by Jenkins? Click the Watch button to subscribe.
