ID CVE-2022-43421
Summary A missing permission check in Jenkins Tuleap Git Branch Source Plugin 3.2.4 and earlier allows unauthenticated attackers to trigger Tuleap projects whose configured repository matches the attacker-specified value.
References
Vulnerable Configurations
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:-:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:-:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.7:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:1.0.7:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:2.0.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:2.0.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:2.0.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:2.0.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:2.0.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:2.0.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.4:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.5:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.0.5:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.1.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.1.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.2.0:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.2.0:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.2.1:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.2.1:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.2.2:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.2.2:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.2.3:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.2.3:*:*:*:*:jenkins:*:*
  • cpe:2.3:a:jenkins:tuleap_git_branch_source:3.2.4:*:*:*:*:jenkins:*:*
    cpe:2.3:a:jenkins:tuleap_git_branch_source:3.2.4:*:*:*:*:jenkins:*:*
CVSS
Base: None
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 25-10-2023 - 18:17
Published 19-10-2022 - 16:15
Last modified 25-10-2023 - 18:17
Back to Top