

Rewterz Threat Advisory – Multiple Jenkins Scriptler Plugins Vulnerabilities
December 20, 2023
Rewterz Threat Alert – SideWinder APT Group aka Rattlesnake – Active IOCs
December 20, 2023
Severity
High
Analysis Summary
CVE-2023-50767
Jenkins Nexus Platform Plugin could allow a remote authenticated attacker to bypass security restrictions, caused by missing permission checks. By sending a specially crafted request, an attacker could exploit this vulnerability to send an HTTP request to an attacker-specified URL and parse the response as XML.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-50767
Affected Vendors
Jenkins
Affected Products
- Jenkins Nexus Platform Plugin 3.18.0-03
Remediation
Refer to the Jenkins Security Advisory for patch, upgrade, or suggested workaround information.