Every CVE whose affected-product data names Jenkins Cons3rt, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-41253 — CVSS 8.8 (high): A cross-site request forgery (CSRF) vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an…
CVE-2022-41254 — CVSS 6.5 (medium): Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allow attackers with Overall/Read permission to connect to an…
CVE-2022-41255 — CVSS 6.5 (medium): Jenkins CONS3RT Plugin 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controller where it…
CVE-2022-41252 — CVSS 4.3 (medium): Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allows users with Overall/Read permission to enumerate credentials ID…