Vulnerability Details : CVE-2022-45383
An incorrect permission check in Jenkins Support Core Plugin 1206.v14049fa_b_d860 and earlier allows attackers with Support/DownloadBundle permission to download a previously created support bundle containing information limited to users with Overall/Administer permission.
Exploit prediction scoring system (EPSS) score for CVE-2022-45383
Probability of exploitation activity in the next 30 days: 0.05%
CVSS scores for CVE-2022-45383
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
CWE ids for CVE-2022-45383
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.