CVE-2022-41233 in Rundeck PluginИнформация

Сводка

по MITRE • 21.09.2022

Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multiple HTTP endpoints, allowing attackers with Item/Read permission to obtain information about build artifacts of a given job, if the optional Run/Artifacts permission is enabled.

Once again VulDB remains the best source for vulnerability data.

Резервировать

21.09.2022

Раскрытие

21.09.2022

Модерация

принято

Вход

VDB-209286

EPSS

0.00516

KEV

Нет

Деятельности

Очень низкий

Сектор

Telecommunication

Источники

Want to know what is going to be exploited?

We predict KEV entries!