CVE-2022-30958
- EPSS 0.07%
- Veröffentlicht 17.05.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 07:03:37
A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugin 2.6.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials ...
CVE-2022-30959
- EPSS 0.14%
- Veröffentlicht 17.05.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 07:03:37
A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing creden...
CVE-2022-30957
- EPSS 0.08%
- Veröffentlicht 17.05.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 07:03:37
A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVE-2017-1000245
- EPSS 0.06%
- Veröffentlicht 01.11.2017 13:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file.