6.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.0%
Jenkins Bumblebee HP ALM Plugin unconditionally disabled SSL/TLS certificate validation for connections to the HP ALM service.
Bumblebee HP ALM Plugin no longer does that. Instead, it now allows users to opt out of certificate validation.
jenkins.io/security/advisory/2019-10-16/#SECURITY-1481
nvd.nist.gov/vuln/detail/CVE-2019-10444