Lucene search
GoogleOSV:GHSA-7H2J-H5XP-H3GHHistoryMay 18, 2022 - 12:00 a.m.
Missing Authorization in Jenkins SSH plugin
2022-05-1800:00:40
Google
osv.dev
13
0.001 Low
EPSS
Percentile
28.4%
A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.jenkins-ci.plugins:ssh | eq | 2.6 | |
| org.jenkins-ci.plugins:ssh | eq | 2.5 | |
| org.jenkins-ci.plugins:ssh | eq | 2.4 | |
| org.jenkins-ci.plugins:ssh | eq | 2.6.1 |
Related
github
github
Missing Authorization in Jenkins SSH plugin
2022-05-18 00:00:40
prion
prion
Design/Logic Flaw
2022-05-17 15:15:00
nvd
nvd
CVE-2022-30959
2022-05-17 15:15:10
cve
cve
CVE-2022-30959
2022-05-17 15:15:10
osv
osv
CVE-2022-30959
2022-05-17 15:15:10
cvelist
cvelist
CVE-2022-30959
2022-05-17 14:06:32
nessus
nessus