Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2020-12-03T15:55:15
Updated: 2024-08-04T07:09:54.492Z
Reserved: 2019-12-05T00:00:00
Link: CVE-2020-2322
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-12-03T16:15:12.857
Modified: 2024-11-21T05:25:18.927
Link: CVE-2020-2322
Redhat
No data.