CVE-2022-25208 is a vulnerability in Jenkins Chef Sinatra
Published on February 15, 2022

A missing permission check in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response.

NVD

Products Associated with CVE-2022-25208

Want to know whenever a new CVE is published for Jenkins Chef Sinatra? stack.watch will email you.

Jenkins Chef Sinatra

Affected Versions

Jenkins project Jenkins Chef Sinatra Plugin:

Version unspecified, <= 1.20 is affected.
Version next of 1.20 and below unspecified is unknown.

Exploit Probability

EPSS

0.12%

Percentile

31.62%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-25208 is a vulnerability in Jenkins Chef SinatraPublished on February 15, 2022

Products Associated with CVE-2022-25208

Affected Versions

Exploit Probability

CVE-2022-25208 is a vulnerability in Jenkins Chef Sinatra
Published on February 15, 2022