Lucene search
GitHub Advisory DatabaseGHSA-6XF5-C3CX-67PVHistoryJul 28, 2022 - 12:00 a.m.
Arbitrary file write vulnerability in Jenkins CLIF Performance Testing plugin
2022-07-2800:00:42
CWE-22
GitHub Advisory Database
github.com
15
jenkins
clif performance testing
arbitrary file write
vulnerability
attackers
permission
file system
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
22.0%
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfb_f and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.
Affected configurations
Node
org.jenkins-ci.pluginsclif-performance-testingRange≤64.vc0d66de1dfb
| Vendor | Product | Version | CPE |
|---|---|---|---|
| org.jenkins-ci.plugins | clif-performance-testing | * | cpe:2.3:a:org.jenkins-ci.plugins:clif-performance-testing:*:*:*:*:*:*:*:* |
Related
osv
osv
alpinelinux
alpinelinux
CVE-2022-36894
2022-07-27 15:15:09
prion
prion
Arbitrary file deletion
2022-07-27 15:15:00
cvelist
cvelist
CVE-2022-36894
2022-07-27 14:23:33
nvd
nvd
CVE-2022-36894
2022-07-27 15:15:09
cve
cve
CVE-2022-36894
2022-07-27 15:15:09
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
22.0%
Related for GHSA-6XF5-C3CX-67PV