CVE-2022-34814

Summary

Jenkins Request Rename Or Delete Plugin 1.1.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view an administrative configuration page listing pending requests.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Request Rename Or Delete Pluginunspecified <= 1.1.0affected
Jenkins projectJenkins Request Rename Or Delete Pluginnext of 1.1.0 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References