Jenkins Chef Identity Plugin <=2.0.3: Unmasked user.pem Key Exposure
CVE-2023-39155 Published on July 26, 2023

Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it.

Vendor Advisory NVD

Products Associated with CVE-2023-39155

Want to know whenever a new CVE is published for Jenkins Chef Identity? stack.watch will email you.

Jenkins Chef Identity

Affected Versions

Jenkins Project Jenkins Chef Identity Plugin:

Before and including 2.0.3 is affected.

Exploit Probability

EPSS

0.08%

Percentile

23.67%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jenkins Chef Identity Plugin <=2.0.3: Unmasked user.pem Key ExposureCVE-2023-39155 Published on July 26, 2023

Products Associated with CVE-2023-39155

Affected Versions

Exploit Probability

Jenkins Chef Identity Plugin <=2.0.3: Unmasked user.pem Key Exposure
CVE-2023-39155 Published on July 26, 2023