CVE-2022-25186
CVSS v3.1
6.5 (Medium)
CVSS v2.0
4 (Medium)
EPSS
0.06 % (28th)
Affected Products
1
Advisories
2
Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- Jenkins Project
- Published Date
-
2022-02-15 17:15:09
(2 years ago) - Updated Date
-
2023-11-15 03:39:13
(10 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...