CVE-2018-1000605

2018-06-2617:29:00

Google

osv.dev

0.001 Low

EPSS

Percentile

49.0%

JSON

A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to.

CPENameOperatorVersion
collabnet-plugineqcollabnet-2.0.4
collabnet-plugineqcollabnet-1.1.10
collabnet-plugineqcollabnet-2.0.2
collabnet-plugineqcollabnet-1.1.7
collabnet-plugineqcollabnet-1.1.6
collabnet-plugineqcollabnet-1.1.8
collabnet-plugineqcollabnet-1.2.0
collabnet-plugineqcollabnet-2.0.1
collabnet-plugineqcollabnet-1.1.9
collabnet-plugineqcollabnet-2.0.3

Name	Operator	Version
collabnet-plugin	eq	collabnet-2.0.4
collabnet-plugin	eq	collabnet-1.1.10
collabnet-plugin	eq	collabnet-2.0.2
collabnet-plugin	eq	collabnet-1.1.7
collabnet-plugin	eq	collabnet-1.1.6
collabnet-plugin	eq	collabnet-1.1.8
collabnet-plugin	eq	collabnet-1.2.0
collabnet-plugin	eq	collabnet-2.0.1
collabnet-plugin	eq	collabnet-1.1.9
collabnet-plugin	eq	collabnet-2.0.3

Rows per page:

1-10 of 111

References

jenkins.io/security/advisory/2018-06-25/#SECURITY-941

0.001 Low

EPSS

Percentile

49.0%

JSON

Related for OSV:CVE-2018-1000605