CVE-2019-10438 is a vulnerability in Jenkins Crx Content Package Deployer
Published on October 16, 2019

A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

NVD

Products Associated with CVE-2019-10438

Want to know whenever a new CVE is published for Jenkins Crx Content Package Deployer? stack.watch will email you.

Jenkins Crx Content Package Deployer

Affected Versions

Jenkins project Jenkins CRX Content Package Deployer Plugin Version 1.8.1 and earlier is affected by CVE-2019-10438

Exploit Probability

EPSS

0.05%

Percentile

14.72%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-10438 is a vulnerability in Jenkins Crx Content Package DeployerPublished on October 16, 2019

Products Associated with CVE-2019-10438

Affected Versions

Exploit Probability

CVE-2019-10438 is a vulnerability in Jenkins Crx Content Package Deployer
Published on October 16, 2019