CVE-2023-35142

Summary

Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default.

Affected Software

VendorProductVersion RangeStatus
Jenkins ProjectJenkins Checkmarx Plugin0 <= 2022.4.3affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References