Arbitrary File Read Vulnerability in Jenkins HashiCorp Vault Plugin

Arbitrary File Read Vulnerability in Jenkins HashiCorp Vault Plugin

CVE-2022-25197 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Jenkins HashiCorp Vault Plugin 336.v182c0fbaaeb7 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.

Learn more about our Web Application Penetration Testing UK.