1. CVE-Search
  2. CVE-2022-28151
ID CVE-2022-28151
Summary A missing permission check in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers with Item/Read permission to change the owners and item-specific permissions of a job.
References
Vulnerable Configurations
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.1.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.1.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.2.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.2.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.2.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.2.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.5.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.5.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.6:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.6:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.7:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.7:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.8:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.8:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.9.0:-:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.9.0:-:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.9.0:beta1:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.9.0:beta1:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.9.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.9.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.10.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.10.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.11.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.11.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.12.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.12.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.12.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.12.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:job_and_node_ownership:0.13.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:job_and_node_ownership:0.13.0:*:*:*:*:jenkins:*:*
CVSS
Base: 4.0 (as of 03-11-2023 - 02:34)
Impact:
Exploitability:
CWE CWE-862
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:P/A:N
Last major update 03-11-2023 - 02:34
Published 29-03-2022 - 13:15
Last modified 03-11-2023 - 02:34
Back to Top