Skip to main content

Cloud Infrastructure Compute

1 CVEs product

Monthly

CVE-2023-37948 Maven LOW PATCH Monitor

Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not validate SSH host keys when connecting OCI clouds, enabling man-in-the-middle attacks. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Jenkins Oracle Information Disclosure Cloud Infrastructure Compute
NVD
CVSS 3.1
3.7
EPSS
0.5%
EPSS 0% CVSS 3.7
LOW PATCH Monitor

Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not validate SSH host keys when connecting OCI clouds, enabling man-in-the-middle attacks. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Jenkins Oracle Information Disclosure +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy