CVE-2020-2239

Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:parameterized_remote_trigger:*:*:*:*:*:jenkins:*:*

Information

Published : 2020-09-01 07:15

Updated : 2020-09-03 06:34


NVD link : CVE-2020-2239

Mitre link : CVE-2020-2239


JSON object : View

CWE
CWE-311

Missing Encryption of Sensitive Data

Advertisement

dedicated server usa

Products Affected

jenkins

  • parameterized_remote_trigger