Lucene search
Redhat.comRH:CVE-2022-36881HistoryAug 03, 2022 - 8:40 a.m.
CVE-2022-36881
2022-08-0308:40:39
redhat.com
access.redhat.com
24
jenkins
git-client plugin
ssh
host key verification
security flaw
cve-2022-36881
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
53.5%
A flaw was found in the Git-Client Jenkins plugin. The affected versions of the Jenkins Git client Plugin do not perform SSH host key verification when connecting to Git repositories via SSH, enabling Man-in-the-middle attacks.
Related
nessus
nessus
RHEL 8 : OpenShift Container Platform 4.10.41 (RHSA-2022:7865)
2023-01-23 00:00:00
RHEL 8 : OpenShift Container Platform 4.8.56 (RHSA-2023:0017)
2024-04-28 00:00:00
RHCOS 4 : OpenShift Container Platform 4.8.56 (RHSA-2023:0017)
2024-01-24 00:00:00
nvd
nvd
CVE-2022-36881
2022-07-27 15:15:08
osv
osv
CVE-2022-36881
2022-07-27 15:15:08
Jenkins Git client plugin 3.11.0 does not perform SSH host key verification
2022-07-28 00:00:43
cvelist
cvelist
CVE-2022-36881
2022-07-27 14:20:49
alpinelinux
alpinelinux
CVE-2022-36881
2022-07-27 15:15:08
github
github
Jenkins Git client plugin 3.11.0 does not perform SSH host key verification
2022-07-28 00:00:43
prion
prion
Design/Logic Flaw
2022-07-27 15:15:00
cve
cve
CVE-2022-36881
2022-07-27 15:15:08
redhat
redhat
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
53.5%
Related for RH:CVE-2022-36881