Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins cloudbees aws credentials vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2022-27198
A cross-site request forgery (CSRF) vulnerability in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and previous versions allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token.
Jenkins Cloudbees Aws Credentials 1.32
Jenkins Cloudbees Aws Credentials
4.3
CVSSv3
CVE-2021-21625
Jenkins CloudBees AWS Credentials Plugin 1.28 and previous versions does not perform a permission check in a helper method for HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins in some circumstances.
Jenkins Cloudbees Aws Credentials
4.3
CVSSv3
CVE-2022-27199
A missing permission check in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and previous versions allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token.
Jenkins Cloudbees Aws Credentials
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started