CVE-2022-23111

2022-01-1220:15:09

Google

osv.dev

4.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.1%

JSON

A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.

CPENameOperatorVersion
publish-over-ssh-plugineqpublish-over-ssh-0.8
publish-over-ssh-plugineqpublish-over-ssh-1.18
publish-over-ssh-plugineqpublish-over-ssh-1.14
publish-over-ssh-plugineqpublish-over-ssh-1.19
publish-over-ssh-plugineqpublish-over-ssh-0.12
publish-over-ssh-plugineqpublish-over-ssh-0.13
publish-over-ssh-plugineqpublish-over-ssh-1.3
publish-over-ssh-plugineqpublish-over-ssh-1.5
publish-over-ssh-plugineqpublish-over-ssh-0.6
publish-over-ssh-plugineqpublish-over-ssh-0.9

Name	Operator	Version
publish-over-ssh-plugin	eq	publish-over-ssh-0.8
publish-over-ssh-plugin	eq	publish-over-ssh-1.18
publish-over-ssh-plugin	eq	publish-over-ssh-1.14
publish-over-ssh-plugin	eq	publish-over-ssh-1.19
publish-over-ssh-plugin	eq	publish-over-ssh-0.12
publish-over-ssh-plugin	eq	publish-over-ssh-0.13
publish-over-ssh-plugin	eq	publish-over-ssh-1.3
publish-over-ssh-plugin	eq	publish-over-ssh-1.5
publish-over-ssh-plugin	eq	publish-over-ssh-0.6
publish-over-ssh-plugin	eq	publish-over-ssh-0.9