Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Jenkins Subscribe
Filtered by product Orka By Macstadium
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-24431 1 Jenkins 1 Orka By Macstadium 2023-02-02 N/A 4.3 MEDIUM
A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVE-2023-24433 1 Jenkins 1 Orka By Macstadium 2023-02-02 N/A 6.5 MEDIUM
Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2023-24432 1 Jenkins 1 Orka By Macstadium 2023-02-02 N/A 8.8 HIGH
A cross-site request forgery (CSRF) vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.