Skip to main content

Cloudbees Aws Credentials

3 CVEs product

Monthly

CVE-2022-27199 Maven MEDIUM PATCH This Month

A missing permission check in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service using an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Cloudbees Aws Credentials
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2022-27198 Maven HIGH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Jenkins Cloudbees Aws Credentials
NVD
CVSS 3.1
8.0
EPSS
0.5%
CVE-2021-21625 Maven MEDIUM PATCH This Month

Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier does not perform a permission check in a helper method for HTTP endpoints, allowing attackers with Overall/Read permission to enumerate. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Cloudbees Aws Credentials
NVD
CVSS 3.1
4.3
EPSS
0.7%
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

A missing permission check in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service using an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Cloudbees Aws Credentials
NVD
EPSS 0% CVSS 8.0
HIGH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Jenkins Cloudbees Aws Credentials
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier does not perform a permission check in a helper method for HTTP endpoints, allowing attackers with Overall/Read permission to enumerate. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Cloudbees Aws Credentials
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy