Lucene search
Veracode Vulnerability DatabaseVERACODE:30874HistoryJun 08, 2021 - 12:38 p.m.
Cross-Site Request Forgery (CSRF)
2021-06-0812:38:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.001 Low
EPSS
Percentile
26.7%
jenkins config file provider plugin is vulnerable to cross-site request forgery (CSRF). The server did not verify the authenticity of web requests and allows an attacker is able to delete configuration files corresponding to an attacker-specified ID by tricking an authenticated user to visit a malicious website, which would submit the requests on behalf of the user.
Related
osv
osv
CSRF vulnerability in Jenkins Config File Provider Plugin allows deleting configuration files
2022-05-24 17:48:05
CVE-2021-21644
2021-04-21 15:15:08
redhatcve
redhatcve
CVE-2021-21644
2021-08-08 11:20:28
cve
cve
CVE-2021-21644
2021-04-21 15:15:08
prion
prion
Cross site request forgery (csrf)
2021-04-21 15:15:00
github
github
alpinelinux
alpinelinux
CVE-2021-21644
2021-04-21 15:15:08
cvelist
cvelist
CVE-2021-21644
2021-04-21 14:20:31
nvd
nvd
CVE-2021-21644
2021-04-21 15:15:08
redhat
redhat
nessus
nessus
Jenkins Enterprise and Operations Center < 2.249.31.0.1-2 / 2.277.3.1-2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-04-21)
2021-11-19 00:00:00
RHEL 7 : OpenShift Container Platform 4.5.41 (RHSA-2021:2431)
2021-07-02 00:00:00
RHEL 7 / 8 : OpenShift Container Platform 4.7.13 (RHSA-2021:2122)
2022-09-15 00:00:00