AWS Creds Enumeration Flaw in Jenkins AWS CodeCommit Trigger Plugin <3.0.12
CVE-2023-41941 Published on September 6, 2023

A missing permission check in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins.

Vendor Advisory NVD

Products Associated with CVE-2023-41941

Want to know whenever a new CVE is published for Jenkins Aws Codecommit Trigger? stack.watch will email you.

Jenkins Aws Codecommit Trigger

Affected Versions

Jenkins Project Jenkins AWS CodeCommit Trigger Plugin:

Before and including 3.0.12 is affected.

Exploit Probability

EPSS

0.07%

Percentile

21.28%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

AWS Creds Enumeration Flaw in Jenkins AWS CodeCommit Trigger Plugin <3.0.12CVE-2023-41941 Published on September 6, 2023

Products Associated with CVE-2023-41941

Affected Versions

Exploit Probability

AWS Creds Enumeration Flaw in Jenkins AWS CodeCommit Trigger Plugin <3.0.12
CVE-2023-41941 Published on September 6, 2023