Skip to main content

Benchmark Evaluator

2 CVEs product

Monthly

CVE-2023-37963 Maven MEDIUM This Month

A missing permission check in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Benchmark Evaluator
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-37962 Maven HIGH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins CSRF Benchmark Evaluator
NVD
CVSS 3.1
8.8
EPSS
0.5%
EPSS 1% CVSS 5.4
MEDIUM This Month

A missing permission check in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Benchmark Evaluator
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins CSRF Benchmark Evaluator
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy