A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugin 2.6.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2022-05-17T14:06:29
Updated: 2024-08-03T07:03:39.918Z
Reserved: 2022-05-16T00:00:00
Link: CVE-2022-30958
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-05-17T15:15:10.013
Modified: 2023-11-03T17:55:20.110
Link: CVE-2022-30958
Redhat
No data.