Description
A missing permission check in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers with Overall/Read permission to request a manual backup.
Remediation
References
https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2656
http://www.openwall.com/lists/oss-security/2022/07/27/1
Related Vulnerabilities
CVE-2022-41710 Vulnerability in npm package electron-markdownify
CVE-2023-33008 Vulnerability in maven package org.apache.johnzon:johnzon
CVE-2021-27738 Vulnerability in maven package org.apache.kylin:kylin-stream-coordinator
CVE-2021-25941 Vulnerability in npm package deep-override
CVE-2017-5641 Vulnerability in maven package org.apache.flex.blazeds:flex-messaging-core