Lucene search

CVE-2022-45389

🗓️ 15 Nov 2022 20:12:15Reported by jenkinsType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 247 Views

Missing permission check in Jenkins XP-Dev Plugin 1.0 allows unauthenticated trigger

Reporter	Title	Published	Views	Family All 7
Github Security Blog	Missing Authorization in Jenkins XP-Dev Plugin	16 Nov 202212:00	–	github
Cvelist	CVE-2022-45389	15 Nov 202200:00	–	cvelist
NVD	CVE-2022-45389	15 Nov 202220:15	–	nvd
Prion	Design/Logic Flaw	15 Nov 202220:15	–	prion
OSV	Missing Authorization in Jenkins XP-Dev Plugin	16 Nov 202212:00	–	osv
Tenable Nessus	Jenkins plugins Multiple Vulnerabilities (2022-11-15)	4 Aug 202300:00	–	nessus
Tenable Nessus	Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.6 / 2.361.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-11-15)	16 Nov 202200:00	–	nessus

Nvd

Node

jenkins xp-devRange≤1.0jenkins

[
  {
    "product": "Jenkins XP-Dev Plugin",
    "vendor": "Jenkins project",
    "versions": [
      {
        "lessThanOrEqual": "1.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 1.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
jenkins	www.jenkins.io/security/advisory/2022-11-15/
openwall	www.openwall.com/lists/oss-security/2022/11/15/4

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Nov 2022 20:15Current

5.6Medium risk

Vulners AI Score5.6

CVSS35.3

EPSS0.00065

CWE-862