Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins cloudbees aws credentials vulnerabilities and exploits
(subscribe to this query)
534
VMScore
CVE-2022-27198
A cross-site request forgery (CSRF) vulnerability in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and previous versions allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token.
Jenkins Cloudbees Aws Credentials 1.32
Jenkins Cloudbees Aws Credentials
356
VMScore
CVE-2021-21625
Jenkins CloudBees AWS Credentials Plugin 1.28 and previous versions does not perform a permission check in a helper method for HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins in some circumstances.
Jenkins Cloudbees Aws Credentials
356
VMScore
CVE-2022-27199
A missing permission check in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and previous versions allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token.
Jenkins Cloudbees Aws Credentials
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started