CVE-2022-28143
CVSS v3.1
6.5 (Medium)
CVSS v2.0
4 (Medium)
EPSS
0.07 % (31th)
Affected Products
1
Advisories
2
A cross-site request forgery (CSRF) vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password (perform a connection test), disable SSL/TLS validation for the entire Jenkins controller JVM as part of the connection test (see CVE-2022-28142), and test a rollback with attacker-specified parameters.
- CVE Status
- PUBLISHED
- CNA
- Jenkins Project
- Published Date
-
2022-03-29 13:15:08
(2 years ago) - Updated Date
-
2023-11-17 17:27:22
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...