Lucene search
HistoryJul 27, 2022 - 3:15 p.m.
CVE-2022-36917
cve-2022-36917
jenkins
google cloud backup plugin
security
permission check
nvd
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.2%
A missing permission check in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers with Overall/Read permission to request a manual backup.
Affected configurations
Node
jenkinsgoogle_cloud_backupRange≤0.6jenkins
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins:google_cloud_backup | jenkins google cloud backup | le | 0.6 |
CNA Affected
[
{
"product": "Jenkins Google Cloud Backup Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "0.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0.6",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
prion
prion
Information disclosure
2022-07-27 15:15:00
cvelist
cvelist
CVE-2022-36917
2022-07-27 14:28:21
osv
osv
github
github
nvd
nvd
CVE-2022-36917
2022-07-27 15:15:12
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.2%
Related for CVE-2022-36917