Jenkins Inedo ProGet Plugin 0.8 and Earlier: Man-in-the-Middle Vulnerability

Jenkins Inedo ProGet Plugin 0.8 and Earlier: Man-in-the-Middle Vulnerability

CVE-2018-1999034 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to.

Learn more about our Api Penetration Testing.