A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability only applies when the Jenkins plugin is configured to use login certificate credentials.
CPE | Name | Operator | Version |
---|---|---|---|
dimensions_cm | ge | 0.8.17 | |
dimensions_cm | le | 0.9.3 |