CVE-2023-24423

Summary

A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.

Affected Software

VendorProductVersion RangeStatus
Jenkins ProjectJenkins Gerrit Trigger Pluginunspecified <= 2.38.0affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References