CVE-2022-41233 – Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks …

Vuln ID: CVE-2022-41233

Published:  2022-09-21  16:15:10Z

Description: Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multiple HTTP endpoints, allowing attackers with Item/Read permission to obtain information about build artifacts of a given job, if the optional Run/Artifacts permission is enabled.

Source: NVD.NIST.GOV