Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2022-01-12T19:06:17
Updated: 2024-08-03T03:36:19.213Z
Reserved: 2022-01-11T00:00:00
Link: CVE-2022-23113
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-01-12T20:15:09.557
Modified: 2023-11-30T18:42:29.803
Link: CVE-2022-23113
Redhat
No data.