CVE-2023-25767

Name of the Vulnerable Software and Affected Versions Jenkins Azure Credentials Plugin versions 253.v887e0f9e898b and earlier

Description The issue is related to a cross-site request forgery (CSRF) vulnerability. This vulnerability can be exploited by a remote attacker to perform a CSRF attack, allowing them to connect to an attacker-specified web server.

Recommendations For Jenkins Azure Credentials Plugin versions 253.v887e0f9e898b and earlier, consider disabling the plugin until a patch is available to prevent potential CSRF attacks. Restrict access to the plugin's functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.