Container Scanning Connector
Approved changes feed: RSS · Atom
cpe:2.3:a:qualys:container_scanning_connector:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Qualys (e1377980-03f0-5785-b9ec-b92371704dec) |
|---|---|
| Product | Container Scanning Connector (239dfd82-6f4e-58b4-8b6a-7f2b2dcd6d1e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-4777 |
vulnerable | 2026-06-08 06:16:14.547248 |
Incorrect Permission Assignment on Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier
LOW (3.1)
An incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate credentials IDs of credentials stored in Jenkins and to connect to an attacker-specified URL using attacker-specified credentials IDs, capturing credentials stored in Jenkins.
Published: 2023-09-08T08:42:35.645Z
Updated: 2024-09-25T20:07:05.784Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.