CVE-2018-1999025
published 2018-08-01CVE-2018-1999025: A man in the middle vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java, ATXValidator.java that allows attackers…
high7.4CVSS 3.0
AVNACHPRNUINSUCHIHAN
A man in the middle vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java, ATXValidator.java that allows attackers to impersonate any service that Jenkins connects to.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | accurev_plugin | — | — |
| jenkins | agiletestware_pangolin_connector_for_testrail_plugin | — | — |
| jenkins | anchore_container_image_scanner_plugin | — | — |
| jenkins | confluence_publisher_plugin | — | — |
| jenkins | credentials_plugin | — | — |
| jenkins | inedo_buildmaster_plugin | — | — |
| jenkins | inedo_proget_plugin | — | — |
| jenkins | kubernetes_plugin | — | — |
| jenkins | publish_over_cifs_plugin | — | — |
| jenkins | read_access_to_jenkins_to_override_the_plugin | — | — |
| jenkins | resource_disposer_plugin | — | — |
| jenkins | saltstack_plugin | — | — |
| jenkins | shelve_project_plugin | — | — |
| jenkins | ssh_agent_plugin | — | — |
| jenkins | tinfoil_security_plugin | — | — |
| jenkins | tracetronic_ecu-test | <= 2.3 | — |
| jenkins | tracetronic_ecu-test_plugin | — | — |