CVE-2020-2142
published 2020-03-09CVE-2020-2142: A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds.
medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | audit_trail_plugin | — | — |
| jenkins | backlog_plugin | — | — |
| jenkins | cobertura_plugin | — | — |
| jenkins | credentials_plugin | — | — |
| jenkins | cryptomove_plugin | — | — |
| jenkins | deployhub_plugin | — | — |
| jenkins | git_plugin | — | — |
| jenkins | literate_plugin | — | — |
| jenkins | logstash_plugin | — | — |
| jenkins | mac_cloud_host_launched_by_the_plugin | — | — |
| jenkins | mac_plugin | — | — |
| jenkins | openshift_deployer_plugin | — | — |
| jenkins | p4 | <= 1.10.10 | — |
| jenkins | p4_plugin | — | — |
| jenkins | quality_gates_plugin | — | — |
| jenkins | repository_connector_plugin | — | — |
| jenkins | rundeck_plugin | — | — |
| jenkins | sandbox_protection_in_script_security_plugin | — | — |
| jenkins | script_security_plugin | — | — |
| jenkins | skytap_cloud_ci_plugin | — | — |
| jenkins | sonar_quality_gates_plugin | — | — |
| jenkins | subversion_release_manager_plugin | — | — |
| jenkins | timestamper_plugin | — | — |
| jenkins | yaml_input_files_to_literate_plugin | — | — |
| jenkins | zephyr_enterprise_test_management_plugin | — | — |