Vulnerabilities > CVE-2023-25721 - Unspecified vulnerability in Veracode

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

veracode

NVD

Published: 2023-03-28

Updated: 2024-11-21

Summary

Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users (with access to view the job log) to discover proxy credentials.

Vulnerable Configurations

Part	Description	Count
Application	Veracode Veracode Veracode -	1

References

https://docs.veracode.com/updates/r/c_all_int#veracode-jenkins-plugin-233190
https://docs.veracode.com/updates/r/c_all_int#veracode-jenkins-plugin-233190
https://veracode.com
https://veracode.com