CVE-2022-25188 in Fortify Pluginالمعلومات

الملخص

بحسب MITRE • 15/02/2022

Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

حجز

15/02/2022

إفشاء

15/02/2022

الاعتدال

تمت الموافقة

إدخال

VDB-193144

EPSS

0.01219

KEV

لا

النشاطات

منخفض جدًا

القطاع

Telecommunication

المصادر

Want to know what is going to be exploited?

We predict KEV entries!