cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-34212,https://securityvulnerability.io/vulnerability/CVE-2022-34212,Missing Permission Check in Jenkins vRealize Orchestrator Plugin by Jenkins,"The vRealize Orchestrator Plugin for Jenkins has a security issue that arises from a missing permission check. This vulnerability could allow an attacker with Overall/Read permission to exploit the system by sending an unauthorized HTTP POST request to a specified URL. Such an attack compromises the intended access controls, potentially leading to exposure of sensitive data or manipulation of Jenkins operations. Users are advised to update to the latest version to mitigate risks associated with this vulnerability.",Jenkins,Jenkins Vrealize Orchestrator Plugin,5.7,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-34211,https://securityvulnerability.io/vulnerability/CVE-2022-34211,Cross-Site Request Forgery in Jenkins vRealize Orchestrator Plugin,"A Cross-Site Request Forgery (CSRF) vulnerability in the Jenkins vRealize Orchestrator Plugin versions 3.0 and earlier allows attackers to exploit the plugin by sending unauthorized HTTP POST requests to an attacker-specified URL. This can result in unintended actions being performed on behalf of users, potentially compromising the integrity and confidentiality of the system.",Jenkins,Jenkins Vrealize Orchestrator Plugin,6.5,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2022-06-22T14:41:55.000Z,0