Vulnerabilities > Jenkins > Deploy Weblogic

DATE CVE VULNERABILITY TITLE RISK
2019-10-23 CVE-2019-10465 Incorrect Default Permissions vulnerability in Jenkins Deploy Weblogic
A missing permission check in Jenkins Deploy WebLogic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file system.
network
low complexity
jenkins CWE-276
4.3
2019-10-23 CVE-2019-10464 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Deploy Weblogic
A cross-site request forgery vulnerability in Jenkins Deploy WebLogic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file system.
network
low complexity
jenkins CWE-352
8.8