CVE-2022-41235

Summary

Jenkins WildFly Deployer Plugin 1.0.2 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins WildFly Deployer Pluginunspecified <= 1.0.2affected
Jenkins projectJenkins WildFly Deployer Pluginnext of 1.0.2 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References