Lucene search
HistoryNov 15, 2022 - 8:15 p.m.
CVE-2022-45399
cve-2022-45399
nvd
jenkins
cluster statistics plugin
security vulnerability
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.0%
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.
Affected configurations
Node
jenkinscluster_statisticsRange≤0.4.6jenkins
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins:cluster_statistics | jenkins cluster statistics | le | 0.4.6 |
CNA Affected
[
{
"product": "Jenkins Cluster Statistics Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "0.4.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0.4.6",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2022-45399
2022-11-15 20:15:14
cvelist
cvelist
CVE-2022-45399
2022-11-15 00:00:00
prion
prion
Information disclosure
2022-11-15 20:15:00
osv
osv
Jenkins Cluster Statistics Plugin Missing Authorization vulnerability
2022-11-16 12:00:23
github
github
Jenkins Cluster Statistics Plugin Missing Authorization vulnerability
2022-11-16 12:00:23
nessus
nessus
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.0%
Related for CVE-2022-45399