CVE-2024-34147 | Telegram Bot Plugin up to 1.4.0 on Jenkins Controller File System missing encryption

Inserito da Angelo Barbosa | Mag 2, 2024 | CVE

A vulnerability classified as problematic has been found in Telegram Bot Plugin up to 1.4.0 on Jenkins. Affected is an unknown function of the component Controller File System Handler. The manipulation leads to missing encryption of sensitive data.

This vulnerability is traded as CVE-2024-34147. The attack can only be done within the local network. There is no exploit available.

CVE-2024-34147 | Telegram Bot Plugin up to 1.4.0 on Jenkins Controller File System missing encryption

Post correlati

CVE-2024-38531 | NixOS nix up to 2.23.0 insecure preserved inherited permissions

CVE-2024-41124 | ARPSyndicate puncia up to 0.20 cleartext transmission

CVE-2024-5313 | Schneider Electric EVlink Home Smart 2.0.3.8.2_128/2.0.4.1.2_131 SSH Interface exposure of resource (SEVD-2024-163-03)

CVE-2023-49101 | Axigen up to 10.3.3.60/10.4.23/10.5.9 WebAdmin cross site scripting