Vulnerabilities > CVE-2022-45394 - Missing Authorization vulnerability in Jenkins Delete LOG 1.0

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
jenkins
CWE-862
NVD
Published: 2022-11-15
Updated: 2023-11-01

Summary

A missing permission check in Jenkins Delete log Plugin 1.0 and earlier allows attackers with Item/Read permission to delete build logs.

Vulnerable Configurations

Part Description Count
Application
Jenkins
2

Common Weakness Enumeration (CWE)

References