QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-41233

Back to search

CVE-2022-41233

Published: Sep 21, 2022

Modified: May 28, 2025

PUBLISHED

Description

Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multiple HTTP endpoints, allowing attackers with Item/Read permission to obtain information about build artifacts of a given job, if the optional Run/Artifacts permission is enabled.

VendorProductVersions

Jenkins project

Jenkins Rundeck Plugin

affected
unspecified - <= 3.6.11
unknown
next of 3.6.11 - < unspecified

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now