CVE-2022-36894

🗓️ 27 Jul 2022 14:23:33Reported by jenkinsType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 99 Views

An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugi

Reporter	Title	Published	Views	Family All 16
ATTACKERKB	CVE-2022-36894	27 Jul 202215:15	–	attackerkb
AlpineLinux	CVE-2022-36894	27 Jul 202214:23	–	alpinelinux
BDU FSTEC	The vulnerability of the Jenkins CLIF Performance Testing Plugin lies in the incorrect path limitation for the restricted access directory, allowing attackers to create or replace any files in the file system.	10 Aug 202200:00	–	bdu_fstec
Circl	CVE-2022-36894	27 Jul 202218:52	–	circl
Tenable Nessus	Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.15 / 2.346.2.3 Multiple Vulnerabilities (CloudBees Security Advisory 2022-07-27)	7 Oct 202200:00	–	nessus
CNNVD	Jenkins CLIF Performance Testing Plugin 路径遍历漏洞	27 Jul 202200:00	–	cnnvd
Cvelist	CVE-2022-36894	27 Jul 202214:23	–	cvelist
EUVD	EUVD-2022-6268	3 Oct 202520:07	–	euvd
Github Security Blog	Arbitrary file write vulnerability in Jenkins CLIF Performance Testing plugin	28 Jul 202200:00	–	github
NVD	CVE-2022-36894	27 Jul 202215:15	–	nvd

NVD

Node

jenkins clif_performance_testingRange≤64.vc0d66de1dfb_fjenkins

[
  {
    "product": "Jenkins CLIF Performance Testing Plugin",
    "vendor": "Jenkins project",
    "versions": [
      {
        "lessThanOrEqual": "64.vc0d66de1dfb_f",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 64.vc0d66de1dfb_f",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
openwall	www.openwall.com/lists/oss-security/2022/07/27/1
jenkins	www.jenkins.io/security/advisory/2022-07-27/

17 Jun 2026 04:54Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.5

EPSS0.00651