CVE-2022-27210 vulnerability in Jenkins Products
Published on March 15, 2022

A cross-site request forgery (CSRF) vulnerability in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

NVD

Products Associated with CVE-2022-27210

stack.watch emails you whenever new vulnerabilities are published in Jenkins Kubernetes Continous Deploy or Jenkins Kubernetes Continuous Deploy. Just hit a watch button to start following.

Jenkins Kubernetes Continous Deploy

Jenkins Kubernetes Continuous Deploy

Affected Versions

Jenkins project Jenkins Kubernetes Continuous Deploy Plugin:

Version unspecified, <= 2.3.1 is affected.
Version next of 2.3.1 and below unspecified is unknown.

Exploit Probability

EPSS

0.16%

Percentile

36.50%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-27210 vulnerability in Jenkins ProductsPublished on March 15, 2022

Products Associated with CVE-2022-27210

Affected Versions

Exploit Probability

CVE-2022-27210 vulnerability in Jenkins Products
Published on March 15, 2022