Vulnerability Details CVE-2022-45391
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.8%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-45391
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:-
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.129
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.130
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.134
-
cpe:2.3:a:jenkins:ns-nd_integration_performance_publisher:4.8.0.77