Lucene search
China National Vulnerability DatabaseCNVD-2022-54926HistoryMar 31, 2022 - 12:00 a.m.
Jenkins RocketChat Notifier Plugin Licensing Issue Vulnerability
2022-03-3100:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
22.2%
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins RocketChat Notifier Plugin 1.4.10 and earlier versions are vulnerable to an authorization issue that stems from a method of implementing form validation that does not Permission checks are not performed, and an attacker with overall/read access could exploit the vulnerability to connect to the specified URL using the specified credentials.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins rocketchat notifier plugin | lt | 1.4.10 |
Related
prion
prion
Design/Logic Flaw
2022-03-29 13:15:00
cvelist
cvelist
CVE-2022-28139
2022-03-29 12:30:53
cve
cve
CVE-2022-28139
2022-03-29 13:15:08
osv
osv
CVE-2022-28139
2022-03-29 13:15:08
Missing permission check in Jenkins RocketChat Notifier Plugin
2022-03-30 00:00:25
nvd
nvd
CVE-2022-28139
2022-03-29 13:15:08
github
github
Missing permission check in Jenkins RocketChat Notifier Plugin
2022-03-30 00:00:25
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-03-29)
2022-03-31 00:00:00