CVE-2022-45399

Summary

A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Cluster Statistics Pluginunspecified <= 0.4.6affected
Jenkins projectJenkins Cluster Statistics Pluginnext of 0.4.6 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References