5 matches found
CVE-2020-2267
A missing permission check in Jenkins MongoDB Plugin 1.3 and earlier allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller...
CloudBees Jenkins MongoDB Privilege Control Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A security vulnerability exis...
CVE-2020-2268
A cross-site request forgery CSRF vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller...
CVE-2020-2268
CVE-2020-2268 applies to Jenkins MongoDB Plugin 1.3 and earlier. The CSRF vulnerability arises because methods implementing form validation do not perform permission checks, allowing attackers with Overall/Read permission to access metadata of arbitrary files on the Jenkins controller. The form v...
PT-2020-15493 · Jenkins · Jenkins Mongodb Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins MongoDB Plugin versions 1.3 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller. This issue arises because the plug...