CVE-2022-25197

Summary

Jenkins HashiCorp Vault Plugin 336.v182c0fbaaeb7 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins HashiCorp Vault Pluginunspecified <= 336.v182c0fbaaeb7affected
Jenkins projectJenkins HashiCorp Vault Pluginnext of 336.v182c0fbaaeb7 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References