CVE-2022-23106
CVSS v3.1
5.3 (Medium)
CVSS v2.0
5 (Medium)
EPSS
0.08 % (35th)
Affected Products
1
Advisories
2
Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.
Weaknesses
- CWE-203
- Observable Discrepancy
- CVE Status
- PUBLISHED
- CNA
- Jenkins Project
- Published Date
-
2022-01-12 20:15:09
(2 years ago) - Updated Date
-
2023-11-15 04:03:18
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...