CVE-2022-45383

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-45383

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-45383.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-45383

Aliases

GHSA-w2j3-pq63-339w

Published

2022-11-15T20:15:11Z

Modified

2025-01-14T11:15:52.381422Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An incorrect permission check in Jenkins Support Core Plugin 1206.v14049fabd860 and earlier allows attackers with Support/DownloadBundle permission to download a previously created support bundle containing information limited to users with Overall/Administer permission.

References

Affected packages

Git / github.com/jenkinsci/support-core-plugin

Affected ranges

Type: GIT
Repo: https://github.com/jenkinsci/support-core-plugin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

9b7a1d48db0fdfb840ca3393e9462e687e69385b

Affected versions

1124.*

1124.vb_16439f088b_4

1130.*

1130.vb_eef6015fc37

1140.*

1140.vb_b_3b_7d866b_a_8

1148.*

1148.vedff8cb_56a_da_

1158.*

1158.v9189f64fec8c

1162.*

1162.vb_b_e5198c6b_22

1172.*

1172.va_1fcf85806d0

1174.*

1174.vc46f6b_04d894

1195.*

1195.v20a_701e8897e

1201.*

1201.v8d1f54a_6ec7c

1204.*

1204.v7ee88742a_53f

1206.*

1206.v14049fa_b_d860

support-core-1.*

support-core-1.0

support-core-1.1

support-core-1.2

support-core-1.3

support-core-1.4

support-core-1.5

support-core-1.6

support-core-1.7

support-core-1.8

support-core-2.*

support-core-2.0

support-core-2.1

support-core-2.10

support-core-2.11

support-core-2.12

support-core-2.13

support-core-2.14

support-core-2.15

support-core-2.16

support-core-2.17

support-core-2.18

support-core-2.19

support-core-2.2

support-core-2.20

support-core-2.21

support-core-2.22

support-core-2.23

support-core-2.24

support-core-2.25

support-core-2.27

support-core-2.28

support-core-2.29

support-core-2.3

support-core-2.30

support-core-2.31

support-core-2.32

support-core-2.33

support-core-2.34

support-core-2.35

support-core-2.36

support-core-2.37

support-core-2.38

support-core-2.39

support-core-2.4

support-core-2.40

support-core-2.41

support-core-2.42

support-core-2.43

support-core-2.44

support-core-2.45

support-core-2.45.1

support-core-2.46

support-core-2.47

support-core-2.48

support-core-2.49

support-core-2.5

support-core-2.50

support-core-2.51

support-core-2.52

support-core-2.53

support-core-2.54

support-core-2.55

support-core-2.56

support-core-2.57

support-core-2.58

support-core-2.59

support-core-2.6

support-core-2.60

support-core-2.61

support-core-2.62

support-core-2.63

support-core-2.63-alpha

support-core-2.64

support-core-2.65

support-core-2.66

support-core-2.67

support-core-2.68

support-core-2.69

support-core-2.7

support-core-2.70

support-core-2.71

support-core-2.72

support-core-2.73

support-core-2.74

support-core-2.75

support-core-2.76

support-core-2.77

support-core-2.78

support-core-2.79

support-core-2.8

support-core-2.80

support-core-2.81

support-core-2.9