6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.0%
A man in the middle vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java, ATXValidator.java that allows attackers to impersonate any service that Jenkins connects to.
github.com/jenkinsci/ecutest-plugin
github.com/jenkinsci/ecutest-plugin/commit/d2b730c0e1c986d53d8d48c0cd5bb9a3b205a2bb
jenkins.io/security/advisory/2018-07-30/#SECURITY-932
nvd.nist.gov/vuln/detail/CVE-2018-1999025