CVE-2021-21663 is a vulnerability in Jenkins Xebialabs Xl Deploy
Published on June 10, 2021

A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 7.5.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored in Jenkins.

NVD

Products Associated with CVE-2021-21663

Want to know whenever a new CVE is published for Jenkins Xebialabs Xl Deploy? stack.watch will email you.

Jenkins Xebialabs Xl Deploy

Affected Versions

Jenkins project Jenkins XebiaLabs XL Deploy Plugin:

Version 7.5.6 and below unspecified is affected.
Version unspecified, <= 7.5.8 is affected.

Exploit Probability

EPSS

0.12%

Percentile

30.51%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-21663 is a vulnerability in Jenkins Xebialabs Xl DeployPublished on June 10, 2021

Products Associated with CVE-2021-21663

Affected Versions

Exploit Probability

CVE-2021-21663 is a vulnerability in Jenkins Xebialabs Xl Deploy
Published on June 10, 2021