{"uuid": "f74dc153-2ec6-4642-944f-3d2a3c5a8e1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43496", "type": "seen", "source": "https://t.me/arpsyndicate/2382", "content": "#ExploitObserverAlert\n\nCVE-2023-43496\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-43496. Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to replace the file before it is installed in Jenkins, potentially resulting in arbitrary code execution.\n\nFIRST-EPSS: 0.000550000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2024-01-03T23:29:41.000000Z"}