Lucene search
HistoryJul 27, 2022 - 3:15 p.m.
CVE-2022-36884
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
35.7%
The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.
Affected configurations
Node
jenkinsgitRange≤4.11.3jenkins
Related
veracode
veracode
Information Disclosure
2023-03-07 00:49:20
cve
cve
CVE-2022-36884
2022-07-27 15:15:08
alpinelinux
alpinelinux
CVE-2022-36884
2022-07-27 15:15:08
redhatcve
redhatcve
CVE-2022-36884
2022-08-19 05:39:14
github
github
Lack of authentication mechanism in Jenkins Git Plugin webhook
2022-07-28 00:00:43
osv
osv
Lack of authentication mechanism in Jenkins Git Plugin webhook
2022-07-28 00:00:43
CVE-2022-36884
2022-07-27 15:15:08
prion
prion
Design/Logic Flaw
2022-07-27 15:15:00
cvelist
cvelist
CVE-2022-36884
2022-07-27 14:21:25
redhat
redhat
nessus
nessus
RHCOS 4 : OpenShift Container Platform 4.8.56 (RHSA-2023:0017)
2024-01-24 00:00:00
RHEL 8 : OpenShift Container Platform 4.8.56 (RHSA-2023:0017)
2024-04-28 00:00:00
RHCOS 4 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-01-24 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
35.7%
Related for NVD:CVE-2022-36884