CVE-2022-41242

Missing Authorization in maven/org.jenkins-ci.plugins/extreme-feedback

Identifiers

GHSA-mrf6-4gw6-65v3, CVE-2022-41242

Package Slug

maven/org.jenkins-ci.plugins/extreme-feedback

Vulnerability

Missing Authorization

Description

A missing permission check in Jenkins extreme-feedback Plugin 1.7 and earlier allows attackers with Overall/Read permission to discover information about job names attached to lamps, discover MAC and IP addresses of existing lamps, and rename lamps.

Affected Versions

All versions up to 1.7

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-09-27

source