CVE-2023-49656

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 29, 2023

Updated: Dec 5, 2023

CWE ID 611

Summary

CVE-2023-49656 is a vulnerability affecting the Jenkins MATLAB Plugin version 2.11.0 and earlier. The issue involves inadequate configuration of the XML parser, making it susceptible to XML External Entity (XXE) attacks. An attacker can exploit this vulnerability to gain unauthorized access to sensitive data or execute arbitrary code on the affected system. The vulnerability poses a significant risk to organizations using the Jenkins MATLAB Plugin and encourages users to upgrade to a secure version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tml9Wg
https://www.cve.org/CVERecord?id=CVE-2023-49656
https://nvd.nist.gov/vuln/detail/CVE-2023-49656

Back to Vulnerability Database

CVE-2023-49656

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations