Skip to main content

Vmware Lab Manager Slaves

4 CVEs product

Monthly

CVE-2020-2319 Maven MEDIUM This Month

Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Jenkins VMware Vmware Lab Manager Slaves
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2019-10382 Maven MEDIUM This Month

Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier disables SSL/TLS and hostname verification globally for the Jenkins master JVM. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Jenkins VMware Information Disclosure Vmware Lab Manager Slaves
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2019-1003079 Maven MEDIUM This Month

A missing permission check in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins VMware Vmware Lab Manager Slaves
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2019-1003078 Maven MEDIUM This Month

A cross-site request forgery vulnerability in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins VMware CSRF Vmware Lab Manager Slaves
NVD
CVSS 3.0
6.5
EPSS
0.7%
EPSS 1% CVSS 6.5
MEDIUM This Month

Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Jenkins VMware +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier disables SSL/TLS and hostname verification globally for the Jenkins master JVM. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Jenkins VMware Information Disclosure +1
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

A missing permission check in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins VMware +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A cross-site request forgery vulnerability in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins VMware CSRF +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy