Lucene search
JenkinsCVE-2022-36894HistoryJul 27, 2022 - 3:15 p.m.
CVE-2022-36894
2022-07-2715:15:09
jenkins
web.nvd.nist.gov
63
4
cve-2022-36894
jenkins
clif performance testing plugin
vulnerability
arbitrary file write
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
22.0%
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfb_f and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.
Affected configurations
Node
jenkinsclif_performance_testingRange≤64.vc0d66de1dfb_fjenkins
| Vendor | Product | Version | CPE |
|---|---|---|---|
| jenkins | clif_performance_testing | * | cpe:2.3:a:jenkins:clif_performance_testing:*:*:*:*:*:jenkins:*:* |
CNA Affected
[
{
"product": "Jenkins CLIF Performance Testing Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "64.vc0d66de1dfb_f",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 64.vc0d66de1dfb_f",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
osv
osv
alpinelinux
alpinelinux
CVE-2022-36894
2022-07-27 15:15:09
prion
prion
Arbitrary file deletion
2022-07-27 15:15:00
cvelist
cvelist
CVE-2022-36894
2022-07-27 14:23:33
github
github
nvd
nvd
CVE-2022-36894
2022-07-27 15:15:09
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
22.0%
Related for CVE-2022-36894