Vulnerability Description
A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. See the following Jenkins security advisory for details: * https://www.jenkins.io/security/advisory/2023-06-14/ https://www.jenkins.io/security/advisory/2023-06-14/
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microfocus | Dimensions Cm | >= 0.8.17, < 0.9.3.1 |
References
- https://plugins.jenkins.io/dimensionsscm/Product
- https://portal.microfocus.com/s/article/KM000019298Vendor Advisory
- https://www.jenkins.io/security/advisory/2023-06-14/Third Party Advisory
- https://plugins.jenkins.io/dimensionsscm/Product
- https://portal.microfocus.com/s/article/KM000019298Vendor Advisory
- https://www.jenkins.io/security/advisory/2023-06-14/Third Party Advisory
FAQ
What is CVE-2023-32262?
CVE-2023-32262 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials ...
How severe is CVE-2023-32262?
CVE-2023-32262 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-32262?
Check the references section above for vendor advisories and patch information. Affected products include: Microfocus Dimensions Cm.