February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2022-45382 – Jenkins Naginator Plugin Vulnerability
November 16, 2022Rewterz Threat Advisory – CVE-2022-45384 – Jenkins Reverse Proxy Auth Plugin Vulnerability
November 16, 2022Rewterz Threat Advisory – CVE-2022-45382 – Jenkins Naginator Plugin Vulnerability
November 16, 2022Rewterz Threat Advisory – CVE-2022-45384 – Jenkins Reverse Proxy Auth Plugin Vulnerability
November 16, 2022
Severity
Medium
Analysis Summary
CVE-2022-45383
Jenkins Support Core Plugin could allow a remote authenticated attacker to obtain sensitive information, caused by improper permission validation. By sending a specially-crafted request to create and download support bundles, an attacker could exploit this vulnerability to obtain sensitive diagnostic information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-45383
Affected Vendors
Jenkins
Affected Products
Jenkins Support Core Plugin 1206.v14049fa_b_d860
Remediation
Refer to Jenkins Security Advisory for patch, upgrade or suggested workaround information.