CVE-2025-24403 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A missing permission check in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of…
Medium CVSS: 4.3

CVE-2025-24403

A missing permission check in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins.
Vendor
Jenkins
Product
Azure Service Fabric
CWE
CWE-862
Yayın Tarihi
2025-01-22 17:15:14
Güncelleme
2025-10-03 00:13:41
Source Identifier
jenkinsci-cert@googlegroups.com
KEV Date Added
-

Kategoriler

CWE-862 Azure Service Fabric MEDIUM Jenkins 2025

Referanslar

https://www.jenkins.io/security/advisory/2025-01-22/#SECURITY-3094