Lucene search
GoogleOSV:CVE-2022-41252HistorySep 21, 2022 - 4:15 p.m.
CVE-2022-41252
2022-09-2116:15:11
Google
osv.dev
2
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.2%
Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allows users with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cons3rt-plugin | eq | 1.0.0 |
Related
cve
cve
CVE-2022-41252
2022-09-21 16:15:11
osv
osv
nvd
nvd
CVE-2022-41252
2022-09-21 16:15:11
prion
prion
Information disclosure
2022-09-21 16:15:00
cvelist
cvelist
CVE-2022-41252
2022-09-21 15:46:09
github
github
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-09-21)
2022-10-07 00:00:00
Jenkins weekly < 2.370 Multiple Vulnerabilities
2022-10-07 00:00:00
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.2%
Related for OSV:CVE-2022-41252