Lucene search
China National Vulnerability DatabaseCNVD-2022-54936HistoryMar 31, 2022 - 12:00 a.m.
Jenkins Job and Node ownership Plugin授权问题漏洞
2022-03-3100:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
0.001 Low
EPSS
Percentile
23.0%
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Job and Node ownership Plugin 0.13.0 and earlier versions are vulnerable to an authorization issue that stems from the plugin not performing permission checks across multiple HTTP endpoints. An attacker with project/read permissions could exploit this vulnerability to change the owner of a job and project-specific permissions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins job and node ownership plugin | lt | 0.13.0 |
Related
prion
prion
Design/Logic Flaw
2022-03-29 13:15:00
cvelist
cvelist
CVE-2022-28151
2022-03-29 12:31:13
github
github
Missing permission check in Jenkins Job and Node ownership Plugin
2022-03-30 00:00:23
osv
osv
CVE-2022-28151
2022-03-29 13:15:09
Missing permission check in Jenkins Job and Node ownership Plugin
2022-03-30 00:00:23
cve
cve
CVE-2022-28151
2022-03-29 13:15:09
nvd
nvd
CVE-2022-28151
2022-03-29 13:15:09
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-03-29)
2022-03-31 00:00:00