6.5
CVE-2022-25197
- EPSS 0.62%
- Veröffentlicht 15.02.2022 17:15:10
- Zuletzt bearbeitet 21.11.2024 06:51:47
- Quelle jenkinsci-cert@googlegroups.co
- CVE-Watchlists
- Unerledigt
LoginJenkins HashiCorp Vault Plugin 336.v182c0fbaaeb7 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jenkins ≫ Hashicorp Vault SwPlatformjenkins Version <= 336.v182c0fbaaeb7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.62% | 0.691 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|