CyberSec.Space Logo
Back to CVE Browser

CVE-2021-21655

HIGH
7.1
CVSS Severity Score
EPSS Score0.0440%
EPSS Percentile4.31th
PublishedMay 11, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password.

Affected Platforms (CPE)

📦
Jenkins

P4

<= 1.11.4

References & Advisories

🔗 https://www.jenkins.io/security/advisory/2021-05-11/#SECURITY-2327
🔗 https://www.jenkins.io/security/advisory/2021-05-11/#SECURITY-2327

Related Vulnerabilities

CVE-2021-231710.0

Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway (component: Management Console)...

CVE-2021-138810.0

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could a...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-2289310.0

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Sh...