Lucene search

Jenkins VMware Lab Manager Slaves Plugin Security Vulnerabilities

cve

CVE-2020-2319

Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file...

6.5CVSS

6.4AI Score

0.001EPSS

2020-11-04 03:15 PM

cve

CVE-2019-10382

Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier disables SSL/TLS and hostname verification globally for the Jenkins master...

6.5CVSS

6.4AI Score

0.002EPSS

2019-08-07 03:15 PM

cve

CVE-2019-1003078

A cross-site request forgery vulnerability in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified...

6.5CVSS

6.3AI Score

0.001EPSS

2019-04-04 04:29 PM

cve

CVE-2019-1003079

A missing permission check in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified...

6.5CVSS

6.2AI Score

0.001EPSS

2019-04-04 04:29 PM