Skip to main content

Thycotic Secret Server

1 CVEs product

Monthly

CVE-2023-30518 Maven MEDIUM This Month

A missing permission check in Jenkins Thycotic Secret Server Plugin 1.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Thycotic Secret Server
NVD
CVSS 3.1
4.3
EPSS
0.5%
EPSS 1% CVSS 4.3
MEDIUM This Month

A missing permission check in Jenkins Thycotic Secret Server Plugin 1.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Thycotic Secret Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy