CVE-2022-25186

CVE-2022-25186

Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key.

Source: CVE-2022-25186

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다