CVE-2022-25211

Summary

A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins SWAMP Pluginunspecified <= 1.2.6affected
Jenkins projectJenkins SWAMP Pluginnext of 1.2.6 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References