Lucene search
China National Vulnerability DatabaseCNVD-2022-08224HistoryJan 21, 2022 - 12:00 a.m.
Jenkins Permissions and Access Control Issues Vulnerability
2022-01-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
jenkins
automation server
security vulnerability
credential enumeration
privilege checking
ssh agent plugin
EPSS
0.001
Percentile
22.0%
Jenkins is a Jenkins open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins SSH Agent Plugin 1.23 previously had a security vulnerability that stemmed from a lack of privilege checking, which could be exploited by an attacker to enumerate credentials stored in Jenkins using Overall Read access id.
Related
github
github
prion
prion
Information disclosure
2022-01-12 20:15:00
nvd
nvd
CVE-2022-20620
2022-01-12 20:15:09
osv
osv
CVE-2022-20620
2022-01-12 20:15:09
cvelist
cvelist
CVE-2022-20620
2022-01-12 19:05:58
cve
cve
CVE-2022-20620
2022-01-12 20:15:09
nessus
nessus
Jenkins Enterprise and Operations Center < 2.277.43.0.5 / 2.319.2.5 Multiple Vulnerabilities (CloudBees Security Advisory 2022-01-12)
2022-02-15 00:00:00
Jenkins LTS < 2.319.2 / Jenkins weekly < 2.330 Multiple Vulnerabilities
2022-01-21 00:00:00
Jenkins plugins Multiple Vulnerabilities (2022-01-12)
2022-01-21 00:00:00