CVE-2022-34208
published 2022-06-23CVE-2022-34208: A missing permission check in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified…
medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
A missing permission check in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | agent_server_parameter_plugin | — | — |
| jenkins | beaker_builder | <= 1.10 | — |
| jenkins | beaker_builder_plugin | — | — |
| jenkins | convertigo_mobile_platform_plugin | — | — |
| jenkins | crx_content_package_deployer_plugin | — | — |
| jenkins | date_parameter_plugin | — | — |
| jenkins | dynamic_extended_choice_parameter_plugin | — | — |
| jenkins | easyqa_plugin | — | — |
| jenkins | embeddable_build_status_plugin | — | — |
| jenkins | filesystem_list_parameter_plugin | — | — |
| jenkins | hidden_parameter_plugin | — | — |
| jenkins | image_tag_parameter_plugin | — | — |
| jenkins | improper_authorization_in_embeddable_build_status_plugin | — | — |
| jenkins | input_step_plugin | — | — |
| jenkins | jenkins_ci_server_plugin | — | — |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_lts | — | — |
| jenkins | jenkins_weekly | — | — |
| jenkins | jianliao_notification_plugin | — | — |
| jenkins | junit_plugin | — | — |
| jenkins | maven_metadata_plugin | — | — |
| jenkins | nested_view_plugin | — | — |
| jenkins | ns-nd_integration_performance_publisher_plugin | — | — |
| jenkins | orchestrator_plugin | — | — |
| jenkins | package_version_plugin | — | — |