3 matches found
org.jenkins-ci.plugins:ec2-cloud-axis (>=1.0 <=1.2) potentially affected by CVE-2020-2188 via org.jenkins-ci.plugins:ec2 (=1.19)
org.jenkins-ci.plugins:ec2 MAVEN version =1.19 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:ec2 and may be impacted: - org.jenkins-ci.plugins:ec2-cloud-axis =1.0, =1.2 Source cves: CVE-2020-2188 Source advisory:...
CVE-2020-2188
A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...
CVE-2020-2188
Summary (CVE-2020-2188) : The Jenkins Amazon EC2 Plugin (versions 1.50.1 and earlier) contains a missing permission check in form-related methods that allows any user with Overall/Read access to enumerate credentials IDs stored in Jenkins. This exposure can aid an attacker who already has basic a...