CVE-2022-25188 in Fortify Plugininformação

Sumário

de MITRE • 15/02/2022

Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

15/02/2022

Divulgação

15/02/2022

Moderação

aceite

Entrada

VDB-193144

CPE

pronto

EPSS

0.01219

KEV

não

Atividades

muito baixo

Fontes

Might our Artificial Intelligence support you?

Check our Alexa App!