62 matches found
CVE-2019-10451
Jenkins SOASTA CloudTest Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
PT-2019-11845 · Jenkins · Jenkins Soasta Cloudtest Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins SOASTA CloudTest Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, the...
CloudBees Jenkins SOASTA CloudTest Plugin Authorization Issues Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. CloudBees. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . SOASTA CloudTest Plugin is used in one of the mobile...
CVE-2019-11011
Akamai CloudTest before 58.30 allows remote code execution...
CVE-2019-11011
Akamai CloudTest before 58.30 allows remote code execution...
Remote code execution
Akamai CloudTest before 58.30 allows remote code execution...
CVE-2019-11011
Akamai CloudTest before 58.30 allows remote code execution...
CVE-2019-11011
CVE-2019-11011 affects Akamai CloudTest prior to version 58.30, where a remote code execution vulnerability is possible. The provided documents state the vulnerability and affected version but do not detail the underlying root cause, exploited components, or concrete remediation steps. No exploit...
CloudTest Vulnerability (CVE-2019-11011)
...
CloudBees Jenkins SOASTA CloudTest plugin cross-site request forgery vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. CloudBees. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . SOASTA CloudTest Plugin is used in one of the mobile...
CVE-2019-1003091
A missing permission check in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpldoValidate form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
CVE-2019-1003091
A missing permission check in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpldoValidate form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
CVE-2019-1003090
A cross-site request forgery vulnerability in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpldoValidate form validation method allows attackers to initiate a connection to an attacker-specified server...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpldoValidate form validation method allows attackers to initiate a connection to an attacker-specified server...
Input validation
A missing permission check in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpldoValidate form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
CVE-2019-1003090
CVE-2019-1003090 : The issue is a cross-site request forgery in the Jenkins SOASTA CloudTest Plugin, specifically in the CloudTestServer.DescriptorImpl.doValidate form validation method, which allows an attacker to initiate a connection to an attacker-specified server. The connected documents con...
CVE-2019-1003091
CVE-2019-1003091 documents a missing permission check in the Jenkins SOASTA CloudTest Plugin. The vulnerability occurs in CloudTestServer.DescriptorImpl#doValidate form validation, enabling attackers with Overall/Read permission to initiate a connection to an attacker-specified server. The issue ...
CVE-2019-1003091
A missing permission check in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpldoValidate form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
CVE-2019-1003090
A cross-site request forgery vulnerability in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpldoValidate form validation method allows attackers to initiate a connection to an attacker-specified server...
CVE-2019-1003090
A cross-site request forgery vulnerability in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpldoValidate form validation method allows attackers to initiate a connection to an attacker-specified server...