CVE-2022-34804

MEDIUM(4.3)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Risk Signal Score11/100 — NIEDRIG

CVSS 4.3 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

4.3

Technische Schwere

Beschreibung

Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain text as part of the global Jenkins configuration form and job configuration forms, potentially resulting in their exposure.

Referenzen

https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1877
https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1877