CVE-2021-21664 is a vulnerability in Jenkins Xebialabs Xl Deploy
Published on June 10, 2021

An incorrect permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Generic Create permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored in Jenkins.

NVD

Products Associated with CVE-2021-21664

Want to know whenever a new CVE is published for Jenkins Xebialabs Xl Deploy? stack.watch will email you.

Jenkins Xebialabs Xl Deploy

Affected Versions

Jenkins project Jenkins XebiaLabs XL Deploy Plugin:

Version 7.5.9 and below unspecified is affected.
Version unspecified, <= 10.0.1 is affected.

Exploit Probability

EPSS

0.05%

Percentile

14.37%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-21664 is a vulnerability in Jenkins Xebialabs Xl DeployPublished on June 10, 2021

Products Associated with CVE-2021-21664

Affected Versions

Exploit Probability

CVE-2021-21664 is a vulnerability in Jenkins Xebialabs Xl Deploy
Published on June 10, 2021