← Back

Eiffel Broadcaster

eiffel_broadcaster

Vendor: Jenkins • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-24400
1Jenkins
1Eiffel Broadcaster
Oct 3, 2025
Jan 22, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate o...Show more
Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with the legitimate credentials.Show less