Lucene search
China National Vulnerability DatabaseCNVD-2022-84068HistoryMar 17, 2022 - 12:00 a.m.
Jenkins CloudBees AWS Credentials Plugin Cross-Site Request Forgery Vulnerability
2022-03-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
30.1%
Jenkins is a software project, a Java-based continuous integration tool for monitoring continuously recurring work, designed to provide an open and easy-to-use software platform that allows software projects to be continuously integrated. Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and A cross-site request forgery vulnerability exists in earlier versions, which stems from a WEB application that does not adequately validate that the request is from a trusted user. An attacker could exploit this vulnerability to allow an attacker with overall/read access to connect to AWS services using a specified token.
Related
alpinelinux
alpinelinux
CVE-2022-27198
2022-03-15 17:15:10
cvelist
cvelist
CVE-2022-27198
2022-03-15 16:45:41
github
github
CSRF vulnerability in Jenkins CloudBees AWS Credentials Plugin
2022-03-16 00:00:44
osv
osv
CSRF vulnerability in Jenkins CloudBees AWS Credentials Plugin
2022-03-16 00:00:44
prion
prion
Cross site request forgery (csrf)
2022-03-15 17:15:00
nvd
nvd
CVE-2022-27198
2022-03-15 17:15:10
cve
cve
CVE-2022-27198
2022-03-15 17:15:10
