vulnerability
FreeBSD: VID-A250539D-D1D4-4591-AFD3-C8BDFAC335D8 (CVE-2020-2107): jenkins -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Jan 29, 2020 | Jan 30, 2020 | Feb 28, 2020 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Jan 29, 2020
Added
Jan 30, 2020
Modified
Feb 28, 2020
Description
Jenkins Fortify Plugin 19.1.29 and earlier stores proxy server passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
Solution(s)
freebsd-upgrade-package-jenkinsfreebsd-upgrade-package-jenkins-lts
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.