CNNVD-202512-412 Information
CNNVD ID
CNNVD-202512-412
Related CVE
- CNNVD Published: 2025-12-03
Description (Chinese)
Perforce BlazeMeter Jenkins Plugin是美国Perforce公司的一个插件。 Perforce BlazeMeter Jenkins Plugin 4.27之前版本存在安全漏洞,该漏洞源于权限控制不当,可能导致未授权访问敏感资源列表。
Description (English)
Perforce BlazeMeter Jenkins Plugin is a plugin for the United States company Perforce. Prior to version 4.27 of Perforce BlazeMeter Jenkins Plugin, there was a security loophole, which stemmed from inadequate authority controls and could lead to unauthorized access to the list of sensitive resources.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Perforce
Published
2025-12-03
Last Modified
2026-02-24
References
https://portal.perforce.com/s/cve/a91Qi000002bFgTIAU/missing-authorization-in-blazemeter-jenkins-plugin https://vigilance.fr/vulnerability/Jenkins-Plugins-multiple-vulnerabilities-dated-10-12-2025-49059 https://access.redhat.com/security/cve/cve-2025-13472
Patch
https://portal.perforce.com/s/product/a3g4X000002vfQeQAI/blazemeter
Share on: