Lucene search
K

5 matches found

OSV
OSV
added 2020/09/16 2:15 p.m.13 views

CVE-2020-2261

Jenkins Perfecto Plugin 1.17 and earlier executes a command on the Jenkins controller, allowing attackers with Job/Configure permission to run arbitrary commands on the Jenkins controller...

8.8CVSS7.1AI score
Exploits0References2
NVD
NVD
added 2020/09/16 2:15 p.m.14 views

CVE-2020-2260

A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials...

4.3CVSS0.00656EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/09/16 1:20 p.m.17 views

CVE-2020-2260

A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials...

4.5AI score0.00656EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/09/16 12:0 a.m.6 views

PT-2020-15486 · Jenkins · Jenkins Perfecto Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Perfecto Plugin versions 1.17 and earlier Description: The issue allows attackers with Job/Configure permission to run arbitrary commands on the Jenkins controller. This is possible because the Perfecto Plugin executes a command on th...

8.8CVSS8.8AI score0.01357EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2020/09/16 12:0 a.m.5 views

PT-2020-15485 · Jenkins · Jenkins Perfecto Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Perfecto Plugin versions 1.17 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials,...

4.3CVSS4.4AI score0.00656EPSS
Exploits0References6
Rows per page
Query Builder