Vulnerabilities > CVE-2020-2322 - Missing Authorization vulnerability in Netflix Chaos Monkey 0.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |