CVE-2022-23116

Description

Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method.

CVSS Version 3.1
CVSS Version 2.0

nvd
CVE ID: CVE-2022-23116
Base Score: 7.5
Base Severity: HIGH
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 3.9

nvd
CVE ID: CVE-2022-23116
Base Score: 5.0
Base Severity: MEDIUM
Vector String:AV:N/AC:L/Au:N/C:P/I:N/A:N

Refrence: NVD

Description​

Description