CVE-2023-50773 Vulnerability Details

  /     /     /  

CVE-2023-50773 Metadata Quick Info

CVE Published: 13/12/2023 | CVE Updated: 02/08/2024 | CVE Year: 2023
Source: jenkins | Vendor: Jenkins Project | Product: Jenkins Dingding JSON Pusher Plugin
Status : PUBLISHED

CVE-2023-50773 Description

Jenkins Dingding JSON Pusher Plugin 2.0 and earlier does not mask access tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name:
Source: Jenkins Project

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description: