Lucene search
JenkinsVULNRICHMENT:CVE-2024-34146HistoryMay 02, 2024 - 1:28 p.m.
CVE-2024-34146
2024-05-0213:28:04
jenkins
github.com
1
jenkins
git
ssh
permission check
access control
Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:jenkins:git_server:*:*:*:*:*:jenkins:*:*"
],
"vendor": "jenkins",
"product": "git_server",
"versions": [
{
"status": "affected",
"version": "*"
}
],
"defaultStatus": "unknown"
}
]Related
cve
cve
CVE-2024-34146
2024-05-02 14:15:10
github
github
Jenkins Git server Plugin does not perform a permission check
2024-05-02 15:30:35
cvelist
cvelist
CVE-2024-34146
2024-05-02 13:28:04
redhatcve
redhatcve
CVE-2024-34146
2024-05-03 08:53:50
veracode
veracode
Improper Authorization
2024-05-08 07:16:56
osv
osv
Jenkins Git server Plugin does not perform a permission check
2024-05-02 15:30:35
nvd
nvd
CVE-2024-34146
2024-05-02 14:15:10
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-05-02)
2024-05-02 00:00:00
AI Score
6.5
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-34146