CVE-2022-25188 in Fortify Plugininformación

Resumen

por MITRE • 2022-02-15

Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

2022-02-15

Divulgación

2022-02-15

Moderación

aceptado

Artículo

VDB-193144

CPE

listo

EPSS

0.01219

KEV

no

Actividades

muy bajo

Fuentes

Want to know what is going to be exploited?

We predict KEV entries!