CVE-2023-37942

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jul 12, 2023
Updated: Jul 20, 2023
CWE ID 611

Summary

CVE-2023-37942, also known as Jenkins External Monitor Job Type Plugin 206.v9a_94ff0b_4a_10 and earlier, is a vulnerability that allows for XML external entity (XXE) attacks. This vulnerability affects various products, including 'sDv48U', 'o6ogwq', 'o6ogwr', 'o6ogws', 'o6ogwt', 'o6ogwu', 'o6ogwv', 'nelN8t', 'o6ogww', 'o6ogwx', 'o6ogwy', 'o6ogwz', 'o6ogw0', and 'o6ogw1'. The risk score for this vulnerability is 26. It has a medium base severity with low privileges required and no user interaction needed. The attack vector is through the network, with high integrity impact but no confidentiality impact. Organizations should apply the necessary patches or updates to remediate this vulnerability and prevent potential exploitation.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-37942 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options