CVE-2022-41242

A missing permission check in Jenkins extreme-feedback Plugin 1.7 and earlier allows attackers with Overall/Read permission to discover information about job names attached to lamps, discover MAC and IP addresses of existing lamps, and rename lamps...

Information disclosure

A missing permission check in Jenkins extreme-feedback Plugin 1.7 and earlier allows attackers with Overall/Read permission to discover information about job names attached to lamps, discover MAC and IP addresses of existing lamps, and rename lamps...

CVE-2022-41242

A missing permission check in Jenkins extreme-feedback Plugin 1.7 and earlier allows attackers with Overall/Read permission to discover information about job names attached to lamps, discover MAC and IP addresses of existing lamps, and rename lamps...

CVE-2022-41242

CVE-2022-41242 affects Jenkins extreme-feedback Plugin 1.7 and earlier. Root cause: missing authorization check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate lamp-related data (job names, MAC/IP addresses) and rename lamps. Impact is information disclosure and ...

PT-2022-6107 · Jenkins · Jenkins Extreme-Feedback Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins extreme-feedback Plugin versions 1.7 and earlier Description: The issue is related to a missing permission check in the Jenkins extreme-feedback Plugin, allowing attackers with Overall/Read permission to access sensitive information...