CVE-2022-34801

MEDIUM(4.3)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Risk Signal Score11/100 — NIEDRIG

CVSS 4.3 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

4.3

Technische Schwere

Beschreibung

Jenkins Build Notifications Plugin 1.5.0 and earlier transmits tokens in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.

Referenzen

https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2056
https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2056