Lucene search
Redhat.comRH:CVE-2022-43408HistoryOct 20, 2022 - 7:17 a.m.
CVE-2022-43408
2022-10-2007:17:19
redhat.com
access.redhat.com
18
cve-2022-43408
cross-site request forgery
jenkins builds bypass
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
25.4%
A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.
Related
github
github
veracode
veracode
Authorization Bypass
2022-10-20 15:26:59
cvelist
cvelist
CVE-2022-43408
2022-10-19 00:00:00
cve
cve
CVE-2022-43408
2022-10-19 16:15:10
prion
prion
Cross site request forgery (csrf)
2022-10-19 16:15:00
nvd
nvd
CVE-2022-43408
2022-10-19 16:15:10
osv
osv
redhat
redhat
nessus
nessus
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)
2024-04-28 00:00:00
RHCOS 4 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-01-24 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
25.4%
Related for RH:CVE-2022-43408