What is CVE-2023-30524?

Jenkins Report Portal Plugin 0.5 and earlier does not mask ReportPortal access tokens displayed on the configuration form, increasing the potential for attackers to observe and capture them.

How severe is CVE-2023-30524?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2023-30524?

This is classified as CWE-1270, which is a common weakness in software security.

CVE-2023-30524 - MEDIUM Severity | CVSS 4.3

CVE-2023-22644

CRITICAL

CVSS:5.5(Medium)

A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead ...

CWE-12702023

CVE-2023-2882

CRITICAL

CVSS:9.8(Critical)

Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

CWE-12702023

CVE-2023-22644

CRITICAL

CVSS:5.5(Medium)

A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead ...

CWE-12702023

CVE-2023-32188

CRITICAL

A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead ...

CWE-12702023

CVE Security Database

CVE-2023-30524

Vulnerability Description

CVE-2023-22644

CVE-2023-2882

CVE-2023-22644

CVE-2023-32188

CVE-2023-30524

Vulnerability Description

Related Vulnerabilities

CVE-2023-22644

CVE-2023-2882

CVE-2023-22644

CVE-2023-32188