CVE-2021-21663 – A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 7.5.8 and earlier allows …

10 June 2021

Vuln ID: CVE-2021-21663

Published: 2021-06-10 15:15:08Z

Description: A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 7.5.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored in Jenkins.

Source: NVD.NIST.GOV

Date:

10 June 2021

Categorie(s):

NVD

Tag(s):

NVD

Online Banking Security Still Not Up to Par, Says Which?25 April 2024
What to do in the age of the critical breach25 April 2024
Dropbox announces a number of security and data protection features25 April 2024
AuditBoard AI automates important tasks for security teams25 April 2024
Appdome upgrades MOBILEBot Defense for tailored WAF integration25 April 2024