6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
35.1%
Jenkins Digital.ai App Management Publisher Plugin is vulnerable to Improper Validations. The vulnerability exists due to not performing permission checks in several HTTP endpoints which allows an attacker with read or overall permissions to capture sensitive data such as stored credentials.
CPE | Name | Operator | Version |
---|---|---|---|
digital.ai app management publisher | le | 2.6 | |
digital.ai app management publisher | le | 2.6 |