CVE-2024-28162
Severity CVSS v4.0:
Pending analysis
Type:
CWE-295
Improper Certificate Validation
Publication date:
06/03/2024
Last modified:
07/05/2025
Description
In Jenkins Delphix Plugin 3.0.1 through 3.1.0 (both inclusive) a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation.
Impact
Base Score 3.x
4.20
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:jenkins:delphix:*:*:*:*:*:jenkins:*:* | 3.0.1 (including) | 3.1.1 (excluding) |
To consult the complete list of CPE names with products and versions, see this page