Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2022-41253

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A cross-site request forgery (CSRF) vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Vendors

  • Jenkins project

Products

  • Jenkins CONS3RT Plugin

Additional Info

Technical Analysis