CVE-2023-32261 | Dimensions CM

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. See the following Jenkins security advisory for details: * https://www.jenkins.io/security/advisory/2023-06-14/ https://www.jenkins.io/security/advisory/2023-06-14/ .This CVE has a CVSS3.1 score of 4.2 and a Base Severity of MEDIUM.

Info	Details
CVE ID	CVE-2023-32261
CVE State	PUBLISHED
BaseScore	4.2
BaseSeverity	MEDIUM
VectorString	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Version	NA

References for CVE-2023-32261 :
https://www.jenkins.io/security/advisory/2023-06-14/
https://plugins.jenkins.io/dimensionsscm/
https://portal.microfocus.com/s/article/KM000019297

Metric Type	Metric Score
AttackVector(AV)	NETWORK
AttackComplexity(AC)	HIGH
PrivilegesRequired(PR)	LOW
UserInteraction(UI)	NONE
Scope(S)	UNCHANGED
Confidentiality(C)	LOW
Availability(A)	NONE
Integrity(I)	LOW