ID CVE-2022-36881
Summary Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.
References
Vulnerable Configurations
  • cpe:2.3:a:jenkins:git_client:1.0.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.0.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.0.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.0.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.0.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.0.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.0.6:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.0.6:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.0.7:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.0.7:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.1.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.1.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.1.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.1.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.2.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.2.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.3.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.3.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.4.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.4.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.4.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.4.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.4.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.4.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.4.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.4.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.4.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.4.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.4.6:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.4.6:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.6:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.6:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.6.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.6.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.6.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.6.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.6.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.6.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.6.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.6.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.6.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.6.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.6.6:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.6.6:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.7.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.7.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.8.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.8.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.8.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.8.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.9.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.9.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.9.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.9.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.10.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.10.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.10.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.10.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.10.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.10.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.11.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.11.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.11.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.11.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.12.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.12.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.13.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.13.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.14.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.14.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.14.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.14.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.15.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.15.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.16.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.16.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.17.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.17.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.17.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.17.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.18.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.18.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.19.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.19.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.19.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.19.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.19.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.19.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.19.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.19.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.19.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.19.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.19.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.19.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.19.6:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.19.6:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.19.7:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.19.7:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.20.0:beta1:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.20.0:beta1:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.20.0:beta3:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.20.0:beta3:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:1.21.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:1.21.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.0.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.0.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.0.0:beta1:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.0.0:beta1:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.1.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.1.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.2.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.2.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.2.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.2.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.3.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.3.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.4.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.4.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.4.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.4.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.4.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.4.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.4.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.4.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.4.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.4.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.4.6:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.4.6:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.5.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.5.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.7.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.7.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.7.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.7.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.7.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.7.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.7.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.7.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.7.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.7.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.7.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.7.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.7.6:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.7.6:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.7.7:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.7.7:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:2.8.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:2.8.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.0.0:beta1:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.0.0:beta1:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.0.0:beta2:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.0.0:beta2:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.0.0:beta3:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.0.0:beta3:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.0.0:beta4:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.0.0:beta4:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.0.0:beta5:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.0.0:beta5:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.0.0:beta6:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.0.0:beta6:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.0.0:beta7:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.0.0:beta7:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.0.0:beta8:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.0.0:beta8:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.0.0:beta9:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.0.0:beta9:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.0.0:rc:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.0.0:rc:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:git_client:3.11.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:git_client:3.11.0:*:*:*:*:jenkins:*:*
CVSS
Base: None
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 25-10-2023 - 18:17
Published 27-07-2022 - 15:15
Last modified 25-10-2023 - 18:17
Back to Top