Jenkins Azure Vm Agents
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Azure Vm Agents . Last year Azure Vm Agents had 3 security vulnerabilities published. Right now, Azure Vm Agents is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 3 | 6.53 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 3 | 5.03 |
2018 | 0 | 0.00 |
It may take a day or so for new Azure Vm Agents vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Azure Vm Agents Security Vulnerabilities
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier
CVE-2023-32990
6.5 - Medium
- May 16, 2023
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method.
Incorrect Permission Assignment for Critical Resource
A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier
CVE-2023-32989
8.8 - High
- May 16, 2023
A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method.
Session Riding
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier
CVE-2023-32988
4.3 - Medium
- May 16, 2023
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Insufficiently Protected Credentials
An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgentTemplate.java, src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java
CVE-2019-1003035
4.3 - Medium
- March 08, 2019
An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgentTemplate.java, src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java that allows attackers with Overall/Read permission to perform the 'verify configuration' form validation action, thereby obtaining limited information about the Azure configuration.
AuthZ
A data modification vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgent.java
CVE-2019-1003036
4.3 - Medium
- March 08, 2019
A data modification vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgent.java that allows attackers with Overall/Read permission to attach a public IP address to an Azure VM agent.
AuthZ
An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java
CVE-2019-1003037
6.5 - Medium
- March 08, 2019
An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java that allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Azure Vm Agents or by Jenkins? Click the Watch button to subscribe.