Skip to main content

Zephyr For Jira Test Management

3 CVEs product

Monthly

CVE-2020-2216 Maven MEDIUM This Month

A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Atlassian Jenkins Authentication Bypass Zephyr For Jira Test Management
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-2215 Maven MEDIUM This Month

A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian CSRF Jenkins Zephyr For Jira Test Management
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-2154 Maven MEDIUM This Month

Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Atlassian Jenkins Information Disclosure Zephyr For Jira Test Management
NVD
CVSS 3.1
5.5
EPSS
0.3%
EPSS 1% CVSS 4.3
MEDIUM This Month

A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Atlassian Jenkins Authentication Bypass +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian CSRF Jenkins +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Atlassian Jenkins Information Disclosure +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy