Vulnerabilities > Jenkins > Delphix > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-16 | CVE-2023-40344 | Missing Authorization vulnerability in Jenkins Delphix A missing permission check in Jenkins Delphix Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |
| 2023-08-16 | CVE-2023-40345 | Insufficiently Protected Credentials vulnerability in Jenkins Delphix Jenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to. | 6.5 |