CVE-2022-27198

A cross-site request forgery (CSRF) vulnerability in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token.
Configurations

Configuration 1

cpe:2.3:a:jenkins:cloudbees_aws_credentials:1.32:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:cloudbees_aws_credentials:*:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:cloudbees_aws_credentials:*:*:*:*:*:jenkins:*:*

Information

Published : 2022-03-15 05:15

Updated : 2022-03-23 06:04


NVD link : CVE-2022-27198

Mitre link : CVE-2022-27198

Products Affected
No products.
CWE