Lucene search
PRIOn knowledge basePRION:CVE-2023-24449HistoryJan 26, 2023 - 9:18 p.m.
Design/Logic Flaw
2023-01-2621:18:00
PRIOn knowledge base
www.prio-n.com
3
jenkins
pwauth security
validation methods
attacker
controller file system
logic flaw
Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pwauth_security_realm | le | 0.4 |
Related
osv
osv
Path traversal vulnerability in Jenkins PWauth Security Realm Plugin
2023-01-26 21:30:18
CVE-2023-24449
2023-01-26 21:18:18
nvd
nvd
CVE-2023-24449
2023-01-26 21:18:18
cvelist
cvelist
CVE-2023-24449
2023-01-24 00:00:00
github
github
Path traversal vulnerability in Jenkins PWauth Security Realm Plugin
2023-01-26 21:30:18
cve
cve
CVE-2023-24449
2023-01-26 21:18:18
nessus
nessus