CVE-2022-27211 in Kubernetes Continuous Deploy Plugininformazioni

Riassunto

di MITRE • 15/03/2022

A missing/An incorrect permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Fonti

Want to stay up to date on a daily basis?

Enable the mail alert feature now!