Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:39 p.m.6 views

CVE-2022-27211

A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkin...

6.5CVSS6.4AI score0.00887EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/03/16 12:0 a.m.6 views

org.jenkins-ci.plugins:azure-acs (>=0.1.0 <=0.2.4), org.jenkins-ci.plugins:azure-dev-spaces (>=3.0.0 <=3.0.3) potentially affected by CVE-2022-27211 via org.jenkins-ci.plugins:kubernetes-cd (>=0.1.0 <=0.2.3)

org.jenkins-ci.plugins:kubernetes-cd MAVEN version =0.1.0, =0.1.0, =3.0.0, =3.0.3 Source cves: CVE-2022-27211 Source advisory: OSV:GHSA-794J-HX96-4W3M...

6.5CVSS6.5AI score0.00887EPSS
Exploits0
Cvelist
Cvelist
added 2022/03/15 4:46 p.m.23 views

CVE-2022-27211

A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkin...

7.1AI score0.00887EPSS
Exploits0References2
CVE
CVE
added 2022/03/15 4:46 p.m.134 views

CVE-2022-27211

CVE-2022-27211 : Jenkins Kubernetes Continuous Deploy Plugin ≤ 2.3.1 suffers a missing permission check that lets users with Overall/Read access connect to an attacker‑specified SSH server using attacker‑specified credentials IDs, enabling capture of credentials stored in Jenkins. Red Hat and OSV...

6.5CVSS6.4AI score0.00887EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder