Skip to content

CVE-2023-32262 | Dimensions CM

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. See the following Jenkins security advisory for details: * https://www.jenkins.io/security/advisory/2023-06-14/ https://www.jenkins.io/security/advisory/2023-06-14/ .This CVE has a CVSS3.1 score of 4.3 and a Base Severity of MEDIUM.

InfoDetails
CVE IDCVE-2023-32262
CVE StatePUBLISHED
BaseScore4.3
BaseSeverityMEDIUM
VectorStringCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
VersionNA

References for CVE-2023-32262 :
https://www.jenkins.io/security/advisory/2023-06-14/
https://plugins.jenkins.io/dimensionsscm/
https://portal.microfocus.com/s/article/KM000019298

Metric TypeMetric Score
AttackVector(AV)NETWORK
AttackComplexity(AC)LOW
PrivilegesRequired(PR)LOW
UserInteraction(UI)NONE
Scope(S)UNCHANGED
Confidentiality(C)LOW
Availability(A)NONE
Integrity(I)NONE
Tags: