CVE-2024-9453 Information
Jul 05, 2025
cve
Description
A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the logs and potentially carries a high risk if those logs are centralized when collected. The token is typically valid for one year. This flaw allows a malicious user to jeopardize the environment if they have access to sensitive information.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Reference
https://access.redhat.com/security/cve/CVE-2024-9453 https://bugzilla.redhat.com/show_bug.cgi?id=2316231
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
NONE
Base Severity
6.5
Related CNNVD
CNNVD-202507-396 (Published: 2025-07-04)
Share on: