VYPR
Moderate severityNVD Advisory· Published Jul 19, 2023· Updated Oct 29, 2024

Dimensions CM Plugin for Jenkins 0.8.17 – 0.9.3

CVE-2023-32261

Description

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. See the following Jenkins security advisory for details: * https://www.jenkins.io/security/advisory/2023-06-14/ https://www.jenkins.io/security/advisory/2023-06-14/

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jenkins-ci.plugins:dimensionsscmMaven
< 0.9.3.10.9.3.1

Affected products

2

Patches

Vulnerability mechanics

References

8

News mentions

1