CVE-2022-29052 is a vulnerability in Jenkins Google Compute Engine
Published on April 12, 2022

Jenkins Google Compute Engine Plugin 4.3.8 and earlier stores private keys unencrypted in cloud agent config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.

NVD

Products Associated with CVE-2022-29052

Want to know whenever a new CVE is published for Jenkins Google Compute Engine? stack.watch will email you.

Jenkins Google Compute Engine

Affected Versions

Jenkins project Jenkins Google Compute Engine Plugin:

Version unspecified, <= 4.3.8 is affected.

Exploit Probability

EPSS

0.45%

Percentile

63.45%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-29052 is a vulnerability in Jenkins Google Compute EnginePublished on April 12, 2022

Products Associated with CVE-2022-29052

Affected Versions

Exploit Probability

CVE-2022-29052 is a vulnerability in Jenkins Google Compute Engine
Published on April 12, 2022