GHSA-8wgf-3mrj-73x7

Source

https://github.com/advisories/GHSA-8wgf-3mrj-73x7

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/07/GHSA-8wgf-3mrj-73x7/GHSA-8wgf-3mrj-73x7.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-8wgf-3mrj-73x7

Aliases

CVE-2023-39154

Published

2023-07-26T15:30:57Z

Modified

2024-02-16T08:16:10.038016Z

Severity

4.2 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Summary

Incorrect permission checks in Qualys Web App Scanning Connector Plugin allow capturing credentials

Details

Qualys Web App Scanning Connector Plugin 2.0.10 and earlier does not correctly perform permission checks in several HTTP endpoints.

This allows attackers with global Item/Configure permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Qualys Web App Scanning Connector Plugin 2.0.11 requires the appropriate permissions for the affected HTTP endpoints.

Database specific

{
    "cwe_ids": [
        "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-26T22:37:36Z",
    "nvd_published_at": "2023-07-26T14:15:10Z",
    "severity": "MODERATE"
}

References

Affected packages

Maven / com.qualys.plugins:qualys-was

Package

Name: com.qualys.plugins:qualys-was; View open source insights on deps.dev
Purl: pkg:maven/com.qualys.plugins/qualys-was

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.11

Affected versions

2.*

2.0.3

2.0.4

2.0.5

2.0.6

2.0.7

2.0.8

2.0.9

2.0.10

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/07/GHSA-8wgf-3mrj-73x7/GHSA-8wgf-3mrj-73x7.json"