CVE-2020-2094
published 2020-01-15CVE-2020-2094: A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to…
medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | amazon_ec2_plugin | — | — |
| jenkins | health_advisor_by_cloudbees | <= 3.0 | — |
| jenkins | health_advisor_by_cloudbees_plugin | — | — |
| jenkins | redgate_sql_change_automation_plugin | — | — |
| jenkins | robot_framework_plugin | — | — |
| jenkins | sounds_plugin | — | — |
| jenkins_project | jenkins_health_advisor_by_cloudbees_plugin | unspecified – 3.0 | — |