CVE-2022-23112

Summary

A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credentials.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Publish Over SSH Pluginunspecified <= 1.22affected
Jenkins projectJenkins Publish Over SSH Pluginnext of 1.22 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References