Lucene search
K

5 matches found

CNVD
CNVD
added 2020/06/04 12:0 a.m.2 views

CloudBees Jenkins Self-Organizing Swarm Plug-in Modules Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks.Self-Organizing Swarm Plug-in Modules Plugin is a plug-in that supports the...

6.5CVSS6.9AI score0.00613EPSS
Exploits0References1
NVD
NVD
added 2020/06/03 1:15 p.m.22 views

CVE-2020-2192

A cross-site request forgery vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier allows attackers to add or remove agent labels...

6.5CVSS6.3AI score0.00613EPSS
Exploits0References2
OSV
OSV
added 2020/06/03 1:15 p.m.20 views

CVE-2020-2192

A cross-site request forgery vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier allows attackers to add or remove agent labels...

6.5CVSS6.9AI score
Exploits0References2
CVE
CVE
added 2020/06/03 12:40 p.m.82 views

CVE-2020-2192

The CVE-2020-2192 entry covers a CSRF vulnerability in Jenkins Swarm Plugin (Self-Organizing Swarm Plug-in Modules) up to version 3.20. The issue arises because the plugin exposes API endpoints that add or remove agent labels and, in 3.20 and earlier, do not perform regular permission checks or r...

6.5CVSS6.3AI score0.00613EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2020/06/03 12:0 a.m.4 views

PT-2020-15405 · Jenkins · Jenkins Self-Organizing Swarm Plug-In Modules Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Self-Organizing Swarm Plug-in Modules Plugin versions 3.20 and earlier Description: The issue concerns the lack of permission checks on API endpoints that allow adding and removing agent labels. This allows users with Agent/Create...

5.4CVSS4.4AI score0.00656EPSS
Exploits0References8
Rows per page
Query Builder