Security Advisory

CVE-2022-25186

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-15 16:11:11

Last updated 2024-08-03 04:36:06

Assigner jenkins

State PUBLISHED

Description

Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key.

← Browse all CVEs View on cve.org ↗