CVE-2022-45398

🗓️ 15 Nov 2022 00:00:00Reported by jenkinsType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 274 Views

A CSRF vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 allows deletion of recorded statistics

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2022-45398	30 Apr 202516:14	–	circl
Tenable Nessus	Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.6 / 2.361.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-11-15)	16 Nov 202200:00	–	nessus
Tenable Nessus	Jenkins plugins Multiple Vulnerabilities (2022-11-15)	4 Aug 202300:00	–	nessus
CNNVD	Jenkins Plugin Cluster Statistics 跨站请求伪造漏洞	15 Nov 202200:00	–	cnnvd
Cvelist	CVE-2022-45398	15 Nov 202200:00	–	cvelist
EUVD	EUVD-2022-7191	3 Oct 202520:07	–	euvd
Github Security Blog	Cross-Site Request Forgery in Jenkins Cluster Statistics Plugin	16 Nov 202212:00	–	github
NVD	CVE-2022-45398	15 Nov 202220:15	–	nvd
OSV	GHSA-24HP-84JP-8WGM Cross-Site Request Forgery in Jenkins Cluster Statistics Plugin	16 Nov 202212:00	–	osv
Prion	Cross site request forgery (csrf)	15 Nov 202220:15	–	prion

NVD

Node

jenkins cluster_statisticsRange≤0.4.6jenkins

[
  {
    "product": "Jenkins Cluster Statistics Plugin",
    "vendor": "Jenkins project",
    "versions": [
      {
        "lessThanOrEqual": "0.4.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 0.4.6",
        "versionType": "custom"
      }
    ]
  }
]