Jenkins Cisco Spark
By the Year
In 2023 there have been 1 vulnerability in Jenkins Cisco Spark with an average score of 4.3 out of ten. Last year Cisco Spark had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Cisco Spark in 2023 could surpass last years number. Interestingly, the average vulnerability score and the number of vulnerabilities for 2023 and last year was the same.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 1 | 4.30 |
| 2022 | 1 | 4.30 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Cisco Spark vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Cisco Spark Security Vulnerabilities
A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier
CVE-2023-24451
4.3 - Medium
- January 26, 2023
A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
AuthZ
Jenkins Cisco Spark Plugin 1.1.1 and earlier stores bearer tokens unencrypted in its global configuration file on the Jenkins controller where they
CVE-2022-34808
4.3 - Medium
- June 30, 2022
Jenkins Cisco Spark Plugin 1.1.1 and earlier stores bearer tokens unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
Insufficiently Protected Credentials
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Cisco Spark or by Jenkins? Click the Watch button to subscribe.
