Lucene search

Database Security Vulnerabilities - 2020

cve

CVE-2020-2240

A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts.

8.8CVSS

9.1AI Score

0.001EPSS

2020-09-01 02:15 PM

cve

CVE-2020-2241

A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials.

8.8CVSS

8.7AI Score

0.001EPSS

2020-09-01 02:15 PM

cve

CVE-2020-2242

A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials.

6.5CVSS

6.3AI Score

0.001EPSS

2020-09-01 02:15 PM