CVE-2023-43494

Source
https://cve.org/CVERecord?id=CVE-2023-43494
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-43494.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-43494
Published
2023-09-20T17:15:11.667Z
Modified
2026-05-30T23:44:50.500751Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
[none]
Details

Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not exclude sensitive build variables (e.g., password parameter values) from the search in the build history widget, allowing attackers with Item/Read permission to obtain values of sensitive variables used in builds by iteratively testing different characters until the correct sequence is discovered.

Affected packages

Git / github.com/jenkinsci/jenkins

Affected ranges

Type
GIT
Repo
https://github.com/jenkinsci/jenkins
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
        "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "2.50"
        },
        {
            "fixed": "2.424"
        },
        {
            "introduced": "2.60.1"
        },
        {
            "fixed": "2.414.2"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

jenkins-2.*
jenkins-2.100
jenkins-2.101
jenkins-2.102
jenkins-2.103
jenkins-2.104
jenkins-2.105
jenkins-2.106
jenkins-2.108
jenkins-2.109
jenkins-2.116
jenkins-2.117
jenkins-2.118
jenkins-2.121
jenkins-2.122
jenkins-2.124
jenkins-2.125
jenkins-2.126
jenkins-2.127
jenkins-2.128
jenkins-2.129
jenkins-2.130
jenkins-2.131
jenkins-2.132
jenkins-2.134
jenkins-2.135
jenkins-2.138
jenkins-2.140
jenkins-2.141
jenkins-2.142
jenkins-2.143
jenkins-2.146
jenkins-2.147
jenkins-2.148
jenkins-2.149
jenkins-2.150
jenkins-2.151
jenkins-2.154
jenkins-2.155
jenkins-2.156
jenkins-2.160
jenkins-2.161
jenkins-2.162
jenkins-2.163
jenkins-2.164
jenkins-2.165
jenkins-2.172
jenkins-2.173
jenkins-2.174
jenkins-2.186
jenkins-2.192
jenkins-2.197
jenkins-2.198
jenkins-2.199
jenkins-2.200
jenkins-2.201
jenkins-2.202
jenkins-2.203
jenkins-2.204
jenkins-2.205
jenkins-2.219
jenkins-2.228
jenkins-2.229
jenkins-2.230
jenkins-2.231
jenkins-2.232
jenkins-2.233
jenkins-2.234
jenkins-2.235
jenkins-2.236
jenkins-2.245
jenkins-2.246
jenkins-2.247
jenkins-2.248
jenkins-2.249
jenkins-2.250
jenkins-2.251
jenkins-2.253
jenkins-2.254
jenkins-2.255
jenkins-2.256
jenkins-2.257
jenkins-2.258
jenkins-2.259
jenkins-2.260
jenkins-2.261
jenkins-2.262
jenkins-2.263
jenkins-2.264
jenkins-2.265
jenkins-2.266
jenkins-2.267
jenkins-2.268
jenkins-2.269
jenkins-2.270
jenkins-2.271
jenkins-2.272
jenkins-2.273
jenkins-2.274
jenkins-2.276
jenkins-2.277
jenkins-2.278
jenkins-2.279
jenkins-2.280
jenkins-2.281
jenkins-2.282
jenkins-2.283
jenkins-2.284
jenkins-2.285
jenkins-2.286
jenkins-2.287
jenkins-2.288
jenkins-2.289
jenkins-2.290
jenkins-2.291
jenkins-2.292
jenkins-2.293
jenkins-2.294
jenkins-2.295
jenkins-2.296
jenkins-2.297
jenkins-2.298
jenkins-2.299
jenkins-2.301
jenkins-2.302
jenkins-2.303
jenkins-2.304
jenkins-2.305
jenkins-2.306
jenkins-2.307
jenkins-2.308
jenkins-2.309
jenkins-2.310
jenkins-2.311
jenkins-2.312
jenkins-2.313
jenkins-2.314
jenkins-2.316
jenkins-2.317
jenkins-2.318
jenkins-2.319
jenkins-2.320
jenkins-2.321
jenkins-2.322
jenkins-2.323
jenkins-2.324
jenkins-2.325
jenkins-2.326
jenkins-2.327
jenkins-2.328
jenkins-2.329
jenkins-2.330
jenkins-2.331
jenkins-2.332
jenkins-2.333
jenkins-2.334
jenkins-2.335
jenkins-2.336
jenkins-2.337
jenkins-2.338
jenkins-2.339
jenkins-2.340
jenkins-2.341
jenkins-2.342
jenkins-2.343
jenkins-2.344
jenkins-2.345
jenkins-2.346
jenkins-2.347
jenkins-2.348
jenkins-2.349
jenkins-2.350
jenkins-2.351
jenkins-2.352
jenkins-2.353
jenkins-2.354
jenkins-2.355
jenkins-2.356
jenkins-2.357
jenkins-2.358
jenkins-2.359
jenkins-2.360
jenkins-2.361
jenkins-2.362
jenkins-2.363
jenkins-2.364
jenkins-2.365
jenkins-2.366
jenkins-2.367
jenkins-2.368
jenkins-2.369
jenkins-2.371
jenkins-2.372
jenkins-2.373
jenkins-2.374
jenkins-2.375
jenkins-2.376
jenkins-2.377
jenkins-2.378
jenkins-2.379
jenkins-2.380
jenkins-2.381
jenkins-2.382
jenkins-2.383
jenkins-2.384
jenkins-2.385
jenkins-2.386
jenkins-2.387
jenkins-2.388
jenkins-2.389
jenkins-2.390
jenkins-2.391
jenkins-2.392
jenkins-2.393
jenkins-2.394
jenkins-2.395
jenkins-2.396
jenkins-2.397
jenkins-2.398
jenkins-2.399
jenkins-2.400
jenkins-2.401
jenkins-2.402
jenkins-2.403
jenkins-2.404
jenkins-2.405
jenkins-2.406
jenkins-2.407
jenkins-2.408
jenkins-2.409
jenkins-2.410
jenkins-2.411
jenkins-2.412
jenkins-2.413
jenkins-2.414
jenkins-2.414.1
jenkins-2.414.1-rc
jenkins-2.414.2-rc
jenkins-2.415
jenkins-2.416
jenkins-2.417
jenkins-2.418
jenkins-2.419
jenkins-2.420
jenkins-2.421
jenkins-2.422
jenkins-2.423
jenkins-2.50
jenkins-2.51
jenkins-2.52
jenkins-2.53
jenkins-2.57
jenkins-2.58
jenkins-2.59
jenkins-2.60
jenkins-2.61
jenkins-2.62
jenkins-2.63
jenkins-2.64
jenkins-2.65
jenkins-2.66
jenkins-2.67
jenkins-2.68
jenkins-2.95
jenkins-2.96
jenkins-2.97
jenkins-2.98
jenkins-2.99

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-43494.json"