Lucene search

K
cvelistJenkinsCVELIST:CVE-2022-45392
HistoryNov 15, 2022 - 12:00 a.m.

CVE-2022-45392

2022-11-1500:00:00
jenkins
www.cve.org

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.4%

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system.

CNA Affected

[
  {
    "product": "Jenkins NS-ND Integration Performance Publisher Plugin",
    "vendor": "Jenkins project",
    "versions": [
      {
        "lessThanOrEqual": "4.8.0.143",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.4%

Related for CVELIST:CVE-2022-45392