CVE-2022-27209 in Kubernetes and Jenkins Products
Published on March 15, 2022

A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

NVD

Products Associated with CVE-2022-27209

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-27209 are published in these products:

Kubernetes Continuous Deploy

Jenkins Kubernetes Continuous Deploy

Affected Versions

Jenkins project Jenkins Kubernetes Continuous Deploy Plugin:

Version unspecified, <= 2.3.1 is affected.
Version next of 2.3.1 and below unspecified is unknown.

Exploit Probability

EPSS

0.75%

Percentile

72.38%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-27209 in Kubernetes and Jenkins ProductsPublished on March 15, 2022

Products Associated with CVE-2022-27209

Affected Versions

Exploit Probability

CVE-2022-27209 in Kubernetes and Jenkins Products
Published on March 15, 2022