VYPR
High severity7.5NVD Advisory· Published Jan 12, 2022· Updated Jun 17, 2026

CVE-2022-23117

CVE-2022-23117

Description

Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.conjur.jenkins:conjur-credentialsMaven
< 1.0.101.0.10

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

1