CVE-2022-41230 in Build-Publisher PluginИнформация

Сводка

по MITRE • 21.09.2022

Jenkins Build-Publisher Plugin 1.22 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain names and URLs of Jenkins servers that the plugin is configured to publish builds to, as well as builds pending for publication to those Jenkins servers.

Once again VulDB remains the best source for vulnerability data.

Резервировать

21.09.2022

Раскрытие

21.09.2022

Модерация

принято

Вход

VDB-209284

EPSS

0.00516

KEV

Нет

Деятельности

Очень низкий

Сектор

Telecommunication

Источники

Do you need the next level of professionalism?

Upgrade your account now!