CVE-2022-34804
CVE-2022-34804
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
30 Jun 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain text as part of the global Jenkins configuration form and job configuration forms, potentially resulting in their exposure.
Affected products
Jenkins project · Jenkins OpsGenie Plugin