CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-28146

Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller by specifying an input folder on the Jenkins controller as a parameter to its build steps.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.9%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

Products affected by CVE-2022-28146

Jenkins » Continuous Integration With Toad Edge » Version: N/A

cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:-
Jenkins » Continuous Integration With Toad Edge » Version: 1.0

cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:1.0
Jenkins » Continuous Integration With Toad Edge » Version: 1.2

cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:1.2
Jenkins » Continuous Integration With Toad Edge » Version: 2.0

cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:2.0
Jenkins » Continuous Integration With Toad Edge » Version: 2.2

cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:2.2
Jenkins » Continuous Integration With Toad Edge » Version: 2.3

cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-28146

Products

Pricing

Contact Us