Known Vulnerabilities for Cons3rt by Jenkins
Listed below are 4 of the newest known vulnerabilities associated with "Cons3rt" by "Jenkins".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-41255 json | Jenkins CONS3RT Plugin 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controll... | 6.5 - MEDIUM | 2022-09-21 | 2023-11-01 |
| CVE-2022-41254 json | Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allow attackers with Overall/Read permission to connect... | 6.5 - MEDIUM | 2022-09-21 | 2023-11-01 |
| CVE-2022-41253 json | A cross-site request forgery (CSRF) vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to ... | 8.8 - HIGH | 2022-09-21 | 2023-11-01 |
| CVE-2022-41252 json | Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allows users with Overall/Read permission to enumerate ... | 4.3 - MEDIUM | 2022-09-21 | 2023-11-01 |