Vulnerability Details CVE-2022-28147
A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.6%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.0
References
Products affected by CVE-2022-28147
-
cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:-
-
cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:1.0
-
cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:1.2
-
cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:2.0
-
cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:2.2
-
cpe:2.3:a:jenkins:continuous_integration_with_toad_edge:2.3