2 matches found
CVE-2020-2323
creationtimestamp| type| source ---|---|--- 2020-12-03 18:25:22+00:00| seen| https://t.me/cibsecurity/17095...
CVE-2020-2323
Summary: Jenkins Chaos Monkey Plugin 0.4 and earlier lacks permission checks on an HTTP endpoint. This allows attackers with Overall/Read to access the Chaos Monkey page and view action history. Mitigation: Upgrade to version 0.4.1 or later, which requires Overall/Administer permission to access ...