{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T22:24:51.046","vulnerabilities":[{"cve":{"id":"CVE-2022-34180","sourceIdentifier":"jenkinsci-cert@googlegroups.com","published":"2022-06-23T17:15:15.867","lastModified":"2024-11-21T07:09:00.857","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jenkins Embeddable Build Status Plugin 2.0.3 and earlier does not correctly perform the ViewStatus permission check in the HTTP endpoint it provides for \"unprotected\" status badge access, allowing attackers without any permissions to obtain the build status badge icon for any attacker-specified job and/or build."},{"lang":"es","value":"Jenkins Embeddable Build Status Plugin 2.0.3 y anteriores, no lleva a cabo correctamente la comprobación de permiso ViewStatus en el  endpoint HTTP que proporciona para el acceso a la insignia de estado \"desprotegida\", permitiendo a atacantes sin ningún permiso obtener el icono de la insignia de estado de construcción para cualquier trabajo y/o construcción especificado por el atacante"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jenkins:embeddable_build_status:*:*:*:*:*:jenkins:*:*","versionEndIncluding":"2.0.3","matchCriteriaId":"AACF5D1F-9B57-4F33-B85D-E356F38EEB62"}]}]}],"references":[{"url":"https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2794","source":"jenkinsci-cert@googlegroups.com","tags":["Vendor Advisory"]},{"url":"https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2794","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}