CVE-2023-43494

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-43494

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-43494.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-43494

Aliases

Published

2023-09-20T17:15:11Z

Modified

2024-09-03T04:34:16.793756Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not exclude sensitive build variables (e.g., password parameter values) from the search in the build history widget, allowing attackers with Item/Read permission to obtain values of sensitive variables used in builds by iteratively testing different characters until the correct sequence is discovered.

References

Affected packages

Git / github.com/jenkinsci/jenkins

Affected ranges

Type: GIT
Repo: https://github.com/jenkinsci/jenkins
Events: Introduced

c71a9ef88b0ad1aa33662545ecf91068df57ce79

Fixed

4e4eba6c30a3882e33c27fde0b6f158f5408a73f

Affected versions

jenkins-2.*

jenkins-2.100

jenkins-2.101

jenkins-2.102

jenkins-2.103

jenkins-2.104

jenkins-2.105

jenkins-2.106

jenkins-2.107

jenkins-2.107.1

jenkins-2.107.2

jenkins-2.107.3

jenkins-2.108

jenkins-2.109

jenkins-2.110

jenkins-2.111

jenkins-2.112

jenkins-2.113

jenkins-2.114

jenkins-2.115

jenkins-2.116

jenkins-2.117

jenkins-2.118

jenkins-2.119

jenkins-2.120

jenkins-2.121

jenkins-2.121.1

jenkins-2.121.2

jenkins-2.121.3

jenkins-2.122

jenkins-2.124

jenkins-2.125

jenkins-2.126

jenkins-2.127

jenkins-2.128

jenkins-2.129

jenkins-2.130

jenkins-2.131

jenkins-2.132

jenkins-2.133

jenkins-2.134

jenkins-2.135

jenkins-2.136

jenkins-2.137

jenkins-2.138

jenkins-2.138.1

jenkins-2.138.2

jenkins-2.138.3

jenkins-2.138.4

jenkins-2.140

jenkins-2.141

jenkins-2.142

jenkins-2.143

jenkins-2.144

jenkins-2.145

jenkins-2.146

jenkins-2.147

jenkins-2.148

jenkins-2.149

jenkins-2.150

jenkins-2.150.1

jenkins-2.150.2

jenkins-2.150.3

jenkins-2.151

jenkins-2.152

jenkins-2.153

jenkins-2.154

jenkins-2.155

jenkins-2.156

jenkins-2.157

jenkins-2.158

jenkins-2.159

jenkins-2.160

jenkins-2.161

jenkins-2.162

jenkins-2.163

jenkins-2.164

jenkins-2.164.1

jenkins-2.164.2

jenkins-2.164.3

jenkins-2.165

jenkins-2.166

jenkins-2.167

jenkins-2.168

jenkins-2.169

jenkins-2.170

jenkins-2.171

jenkins-2.172

jenkins-2.173

jenkins-2.174

jenkins-2.175

jenkins-2.176

jenkins-2.176.1

jenkins-2.176.2

jenkins-2.176.3

jenkins-2.176.4

jenkins-2.177

jenkins-2.178

jenkins-2.179

jenkins-2.180

jenkins-2.181

jenkins-2.182

jenkins-2.183

jenkins-2.184

jenkins-2.185

jenkins-2.186

jenkins-2.187

jenkins-2.189

jenkins-2.190

jenkins-2.190.1

jenkins-2.190.2

jenkins-2.190.3

jenkins-2.191

jenkins-2.192

jenkins-2.193

jenkins-2.194

jenkins-2.195

jenkins-2.196

jenkins-2.197

jenkins-2.198

jenkins-2.199

jenkins-2.200

jenkins-2.201

jenkins-2.202

jenkins-2.203

jenkins-2.204

jenkins-2.204.1

jenkins-2.204.2

jenkins-2.204.3

jenkins-2.204.4

jenkins-2.204.5

jenkins-2.204.6

jenkins-2.205

jenkins-2.206

jenkins-2.207

jenkins-2.208

jenkins-2.209

jenkins-2.210

jenkins-2.211

jenkins-2.212

jenkins-2.213

jenkins-2.214

jenkins-2.215

jenkins-2.216

jenkins-2.217

jenkins-2.218

jenkins-2.219

jenkins-2.220

jenkins-2.221

jenkins-2.222

jenkins-2.222.1

jenkins-2.222.3

jenkins-2.222.4

jenkins-2.223

jenkins-2.224

jenkins-2.225

jenkins-2.226

jenkins-2.227

jenkins-2.228

jenkins-2.229

jenkins-2.230

jenkins-2.231

jenkins-2.232

jenkins-2.233

jenkins-2.234

jenkins-2.235

jenkins-2.235.1

jenkins-2.235.2

jenkins-2.235.3

jenkins-2.236

jenkins-2.237

jenkins-2.238

jenkins-2.239

jenkins-2.240

jenkins-2.241

jenkins-2.242

jenkins-2.243

jenkins-2.244

jenkins-2.245

jenkins-2.246

jenkins-2.247

jenkins-2.248

jenkins-2.249

jenkins-2.250

jenkins-2.251

jenkins-2.252

jenkins-2.253

jenkins-2.254

jenkins-2.255

jenkins-2.256

jenkins-2.257

jenkins-2.258

jenkins-2.259

jenkins-2.260

jenkins-2.261

jenkins-2.262

jenkins-2.263

jenkins-2.264

jenkins-2.265

jenkins-2.266

jenkins-2.267

jenkins-2.268

jenkins-2.269

jenkins-2.270

jenkins-2.271

jenkins-2.272

jenkins-2.273

jenkins-2.274

jenkins-2.275

jenkins-2.276

jenkins-2.277

jenkins-2.278

jenkins-2.279

jenkins-2.280

jenkins-2.281

jenkins-2.282

jenkins-2.283

jenkins-2.284

jenkins-2.285

jenkins-2.286

jenkins-2.287

jenkins-2.288

jenkins-2.289

jenkins-2.290

jenkins-2.291

jenkins-2.292

jenkins-2.293

jenkins-2.294

jenkins-2.295

jenkins-2.296

jenkins-2.297

jenkins-2.298

jenkins-2.299

jenkins-2.300

jenkins-2.301

jenkins-2.302

jenkins-2.303

jenkins-2.304

jenkins-2.305

jenkins-2.306

jenkins-2.307

jenkins-2.308

jenkins-2.309

jenkins-2.310

jenkins-2.311

jenkins-2.312

jenkins-2.313

jenkins-2.314

jenkins-2.315

jenkins-2.316

jenkins-2.317

jenkins-2.318

jenkins-2.319

jenkins-2.32.2

jenkins-2.32.3

jenkins-2.320

jenkins-2.321

jenkins-2.322

jenkins-2.323

jenkins-2.324

jenkins-2.325

jenkins-2.326

jenkins-2.327

jenkins-2.328

jenkins-2.329

jenkins-2.330

jenkins-2.331

jenkins-2.332

jenkins-2.333

jenkins-2.334

jenkins-2.335

jenkins-2.336

jenkins-2.337

jenkins-2.338

jenkins-2.339

jenkins-2.340

jenkins-2.341

jenkins-2.342

jenkins-2.343

jenkins-2.344

jenkins-2.345

jenkins-2.346

jenkins-2.347

jenkins-2.348

jenkins-2.349

jenkins-2.350

jenkins-2.351

jenkins-2.352

jenkins-2.353

jenkins-2.354

jenkins-2.355

jenkins-2.356

jenkins-2.357

jenkins-2.358

jenkins-2.359

jenkins-2.360

jenkins-2.361

jenkins-2.362

jenkins-2.363

jenkins-2.364

jenkins-2.365

jenkins-2.366

jenkins-2.367

jenkins-2.368

jenkins-2.369

jenkins-2.370

jenkins-2.371

jenkins-2.372

jenkins-2.373

jenkins-2.374

jenkins-2.375

jenkins-2.376

jenkins-2.377

jenkins-2.378

jenkins-2.379

jenkins-2.380

jenkins-2.381

jenkins-2.382

jenkins-2.383

jenkins-2.384

jenkins-2.385

jenkins-2.386

jenkins-2.387

jenkins-2.388

jenkins-2.389

jenkins-2.390

jenkins-2.391

jenkins-2.392

jenkins-2.393

jenkins-2.394

jenkins-2.395

jenkins-2.396

jenkins-2.397

jenkins-2.398

jenkins-2.399

jenkins-2.400

jenkins-2.401

jenkins-2.402

jenkins-2.403

jenkins-2.404

jenkins-2.405

jenkins-2.406

jenkins-2.407

jenkins-2.408

jenkins-2.409

jenkins-2.410

jenkins-2.411

jenkins-2.412

jenkins-2.413

jenkins-2.414

jenkins-2.415

jenkins-2.416

jenkins-2.417

jenkins-2.418

jenkins-2.419

jenkins-2.420

jenkins-2.421

jenkins-2.422

jenkins-2.423

jenkins-2.46.1

jenkins-2.46.2

jenkins-2.46.3

jenkins-2.50

jenkins-2.51

jenkins-2.52

jenkins-2.53

jenkins-2.54

jenkins-2.55

jenkins-2.56

jenkins-2.57

jenkins-2.58

jenkins-2.59

jenkins-2.60

jenkins-2.60.1

jenkins-2.60.2

jenkins-2.60.3

jenkins-2.61

jenkins-2.62

jenkins-2.63

jenkins-2.64

jenkins-2.65

jenkins-2.66

jenkins-2.67

jenkins-2.68

jenkins-2.69

jenkins-2.70

jenkins-2.71

jenkins-2.72

jenkins-2.73

jenkins-2.73.1

jenkins-2.73.2

jenkins-2.73.3

jenkins-2.74

jenkins-2.75

jenkins-2.76

jenkins-2.77

jenkins-2.78

jenkins-2.79

jenkins-2.80

jenkins-2.81

jenkins-2.82

jenkins-2.83

jenkins-2.84

jenkins-2.85

jenkins-2.86

jenkins-2.87

jenkins-2.88

jenkins-2.89

jenkins-2.89.1

jenkins-2.89.2

jenkins-2.89.3

jenkins-2.89.4

jenkins-2.90

jenkins-2.91

jenkins-2.92

jenkins-2.93

jenkins-2.94

jenkins-2.95

jenkins-2.96

jenkins-2.97

jenkins-2.98

jenkins-2.99

Other

list

untagged-e3a154d27f5bd99802eb