CVE-2023-40344

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Aug 16, 2023
Updated: Oct 20, 2023
CWE ID 862

Summary

CVE-2023-40344 is a vulnerability affecting the Jenkins Delphix Plugin version 3.0.2 and earlier. This issue involves a missing permission check, which grants attackers with Overall/Read access to enumerate the IDs of credentials stored within Jenkins. Unauthorized access to these credentials could lead to potentially serious security consequences, making it important for users to update their plugins to a secure version.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share