CVE-2022-27215 · CVEKit

cve.orgen

201 chars

A missing permission check in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.

NVDen

201 chars

A missing permission check in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.

OSV.deven

201 chars

A missing permission check in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.

GHSAen

201 chars

A missing permission check in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.

NVDes

251 chars

Una falta de comprobación de permisos en el Plugin Release Helper de Jenkins versiones 1.3.3 y anteriores, permite a atacantes con permiso Overall/Read conectarse a una URL especificada por el atacante usando credenciales especificadas por el atacante

CVSS metrics across sources

3

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.0	8.0	2.9	AV:N/AC:L/Au:S/C:N/I:P/A:N
3.1	Primary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N