Vulnerability Details CVE-2022-38666
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.146 and earlier unconditionally disables SSL/TLS certificate and hostname validation for several features.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.8%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-38666
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:-
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.129
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.130
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.134
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.146
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.77