CVE-2022-41254 – Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allow attackers with …

21 September 2022

Vuln ID: CVE-2022-41254

Published: 2022-09-21 16:15:11Z

Description: Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Source: NVD.NIST.GOV

Date:

21 September 2022

Categorie(s):

NVD

Tag(s):

NVD

Essential Cyber Security Plan for Small Business20 April 2024
Are PayPal’s Executives Looking Towards Re-Inventing the Product’s Identity?20 April 2024
Why A One-Size-Fits-All Approach No Longer Works For Modern Banking Clients20 April 2024
What Is Zero Trust Architecture All About?20 April 2024
Great Tools To Help Protect Yourself And Your Devices20 April 2024