Jenkins CollabNet Plugin Impersonation Vulnerability

Jenkins CollabNet Plugin Impersonation Vulnerability

CVE-2018-1000605 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to.

Learn more about our Web Application Penetration Testing UK.