CVE-2023-50773 Vulnerability Details
/
/
/
CVE-2023-50773 Metadata Quick Info
CVE Published: 13/12/2023 |
CVE Updated: 02/08/2024 |
CVE Year: 2023
Source: jenkins |
Vendor: Jenkins Project |
Product: Jenkins Dingding JSON Pusher Plugin
Status : PUBLISHED
CVE-2023-50773 Description
Jenkins Dingding JSON Pusher Plugin 2.0 and earlier does not mask access tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
Metrics
CVSS Version: 3.1 |
Base Score: n/a
Vector: n/a
l➤ Exploitability Metrics:
Attack Vector (AV)*
Attack Complexity (AC)*
Privileges Required (PR)*
User Interaction (UI)*
Scope (S)*
l➤ Impact Metrics:
Confidentiality Impact (C)*
Integrity Impact (I)*
Availability Impact (A)*
Weakness Enumeration (CWE)
CWE-ID:
CWE Name:
Source: Jenkins Project
Common Attack Pattern Enumeration and Classification (CAPEC)
CAPEC-ID:
CAPEC Description: