CVE-2022-36887 - A cross-site request forgery (CSRF) vulnerability in Jenkins Job Configuration History Plugin 1155.v

CVE-2022-36887

Summary

A cross-site request forgery (CSRF) vulnerability in Jenkins Job Configuration History Plugin 1155.v28a_46a_cc06a_5 and earlier allows attackers to delete entries from job, agent, and system configuration history, or restore older versions of job, agent, and system configurations.

References

Vulnerable Configurations

cpe:2.3:a:jenkins:job_configuration_history:1.9:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1.9:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1.10:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1.10:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1.11:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1.11:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1.12:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1.12:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1.13:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1.13:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.0:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.0:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.1.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.1.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.4:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.4:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.5:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.5:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.6:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.6:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.8:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.8:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.9:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.9:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.10:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.10:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.11:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.11:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.12:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.12:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.13:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.13:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.14:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.14:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.15:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.15:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.16:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.16:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.17:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.17:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.18:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.18:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.18.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.18.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.18.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.18.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.18.3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.18.3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.19:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.19:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.20:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.20:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.21:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.21:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.22:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.22:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.23:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.23:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.23.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.23.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.24:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.24:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.25:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.25:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.26:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.26:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.27:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.27:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.28:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.28:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.28.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.28.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.29:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.29:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.29-rc1073.41ef89cf4e15:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.29-rc1073.41ef89cf4e15:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.30:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.30:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1092.de9e11acbcf3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1092.de9e11acbcf3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1098.b666422863b2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1098.b666422863b2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1107.2354f08725a_8:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1107.2354f08725a_8:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1118.fdcd7d8898ff:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:2.31-rc1118.fdcd7d8898ff:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1119.v509e1017356b_:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1119.v509e1017356b_:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1133.v0f5420f85053:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1133.v0f5420f85053:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1139.v888b_656ca_f6d:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1139.v888b_656ca_f6d:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1146.v94c2521f9213:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1146.v94c2521f9213:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1155.v28a_46a_cc06a_5:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:job_configuration_history:1155.v28a_46a_cc06a_5:*:*:*:*:jenkins:*:*

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

25-10-2023 - 18:17

Published

27-07-2022 - 15:15

Last modified

25-10-2023 - 18:17