CVE-2023-39155
CVE-2023-39155
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
26 Jul 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it.
Affected products
Jenkins Project · Jenkins Chef Identity Plugin