Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Jenkins project

jenkins_vmware_lab_manager_slaves

5 Versions 4 CVEs

Versions

next of 0.2.8

OTHER 1 CVE

unspecified

OTHER 1 CVE

0.2.8 and earlier

OTHER 1 CVE

0.2.8

SEMANTIC 1 CVE

all versions as of 2019-04-03

DATE_BASED 2 CVEs

Recent CVEs

CVE-2020-2319

Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.

UNKNOWN Nov 04, 2020

CVE-2019-10382

Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier disables SSL/TLS and hostname verification globally for the Jenkins master JVM.

UNKNOWN Aug 07, 2019

CVE-2019-1003078

A cross-site request forgery vulnerability in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.

UNKNOWN Apr 04, 2019

CVE-2019-1003079

A missing permission check in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.

UNKNOWN Apr 04, 2019