cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-23114,https://securityvulnerability.io/vulnerability/CVE-2022-23114,Password Exposure Vulnerability in Jenkins Publish Over SSH Plugin,"The Jenkins Publish Over SSH Plugin versions 1.22 and earlier are affected by a vulnerability that results in the storage of passwords in an unencrypted format within the global configuration file of the Jenkins controller. This poses a risk as passwords can be easily accessed by any user with permissions to view the Jenkins controller's file system, enabling unauthorized access to sensitive information and potential exploitation.",Jenkins,Jenkins Publish Over Ssh Plugin,3.3,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-01-12T19:06:19.000Z,0
CVE-2022-23113,https://securityvulnerability.io/vulnerability/CVE-2022-23113,Path Traversal Vulnerability in Jenkins Publish Over SSH Plugin,"The Jenkins Publish Over SSH Plugin prior to version 1.23 is affected by a path traversal vulnerability. This issue occurs because the plugin inadequately validates file names, allowing attackers who possess Item/Configure permissions to exploit this flaw. By doing so, they can potentially discover the names of files on the Jenkins controller, leading to unauthorized access to sensitive information.",Jenkins,Jenkins Publish Over Ssh Plugin,4.3,MEDIUM,0.0008200000156648457,false,,false,false,false,,,false,false,,2022-01-12T19:06:17.000Z,0
CVE-2022-23112,https://securityvulnerability.io/vulnerability/CVE-2022-23112,Missing Permission Check in Jenkins Publish Over SSH Plugin,"A security vulnerability in the Jenkins Publish Over SSH Plugin allows attackers with Overall/Read access to connect to arbitrary SSH servers using attacker-specified credentials. This oversight could potentially expose sensitive information and allow unauthorized actions on remote servers, emphasizing the importance of securing such plugins to prevent misuse.",Jenkins,Jenkins Publish Over Ssh Plugin,6.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-01-12T19:06:15.000Z,0
CVE-2022-23111,https://securityvulnerability.io/vulnerability/CVE-2022-23111,Cross-Site Request Forgery Vulnerability in Jenkins Publish Over SSH Plugin,"A vulnerability in the Jenkins Publish Over SSH Plugin allows malicious actors to exploit cross-site request forgery (CSRF) attacks. When successfully executed, attackers can leverage this vulnerability to connect to maliciously defined SSH servers using credentials of their choosing. This poses significant security risks, enabling unauthorized actions and data breaches within Jenkins environments.",Jenkins,Jenkins Publish Over Ssh Plugin,4.3,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2022-01-12T19:06:13.000Z,0
CVE-2022-23110,https://securityvulnerability.io/vulnerability/CVE-2022-23110,Stored XSS in Jenkins Publish Over SSH Plugin by Cloudbees,"The Jenkins Publish Over SSH Plugin up to version 1.22 contains a vulnerability due to improper escaping of the SSH server name. This flaw permits attackers with Overall/Administer permissions to exploit the vulnerability, enabling stored cross-site scripting (XSS). When exploited, malicious scripts can be injected and stored, posing a significant risk to users accessing the affected Jenkins instance. Administrators are urged to upgrade to the latest version and implement security best practices to mitigate potential risks.",Jenkins,Jenkins Publish Over Ssh Plugin,4.8,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-01-12T19:06:11.000Z,0