{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "0.8.17"
              },
              {
                "last_affected": "0.9.3"
              }
            ]
          },
          "events": [
            {
              "introduced": "b0d559c050e88038cdff69c0621d3aeda1b6e3c5"
            },
            {
              "last_affected": "97c41008868b67bff1c1f236660ba6da8cdd7ac6"
            }
          ],
          "repo": "https://github.com/jenkinsci/dimensionsscm-plugin",
          "type": "GIT"
        }
      ]
    }
  ],
  "details": "\nA potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server.  This vulnerability only applies when the Jenkins plugin is configured to use login certificate credentials.\n\n\n  https://www.jenkins.io/security/advisory/2023-06-14/ \n\n",
  "id": "CVE-2023-32263",
  "modified": "2026-03-13T21:58:28.799403512Z",
  "published": "2023-07-19T16:15:09.893Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://plugins.jenkins.io/dimensionsscm/"
    },
    {
      "type": "ADVISORY",
      "url": "https://portal.microfocus.com/s/article/KM000019293"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}