CVE-2022-41234 in Rundeck Plugin信息

摘要

由 MITRE • 2022-09-21

Jenkins Rundeck Plugin 3.6.11 and earlier does not protect access to the /plugin/rundeck/webhook/ endpoint, allowing users with Overall/Read permission to trigger jobs that are configured to be triggerable via Rundeck.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

来源

Interested in the pricing of exploits?

See the underground prices here!