Jenkins mabl Plugin 0.0.46 Missing Permission Check Enables Credential Enumeration
CVE-2023-37950 Published on July 12, 2023

A missing permission check in Jenkins mabl Plugin 0.0.46 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

Vendor Advisory NVD

Products Associated with CVE-2023-37950

Want to know whenever a new CVE is published for Jenkins Mabl? stack.watch will email you.

Jenkins Mabl

Affected Versions

Jenkins Project Jenkins mabl Plugin:

Before and including 0.0.46 is affected.

Exploit Probability

EPSS

0.07%

Percentile

22.27%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jenkins mabl Plugin 0.0.46 Missing Permission Check Enables Credential EnumerationCVE-2023-37950 Published on July 12, 2023

Products Associated with CVE-2023-37950

Affected Versions

Exploit Probability

Jenkins mabl Plugin 0.0.46 Missing Permission Check Enables Credential Enumeration
CVE-2023-37950 Published on July 12, 2023