CVE-2020-2154
published 2020-03-09CVE-2020-2154: Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | audit_trail_plugin | — | — |
| jenkins | backlog_plugin | — | — |
| jenkins | cobertura_plugin | — | — |
| jenkins | credentials_plugin | — | — |
| jenkins | cryptomove_plugin | — | — |
| jenkins | deployhub_plugin | — | — |
| jenkins | git_plugin | — | — |
| jenkins | literate_plugin | — | — |
| jenkins | logstash_plugin | — | — |
| jenkins | mac_cloud_host_launched_by_the_plugin | — | — |
| jenkins | mac_plugin | — | — |
| jenkins | openshift_deployer_plugin | — | — |
| jenkins | p4_plugin | — | — |
| jenkins | quality_gates_plugin | — | — |
| jenkins | repository_connector_plugin | — | — |
| jenkins | rundeck_plugin | — | — |
| jenkins | sandbox_protection_in_script_security_plugin | — | — |
| jenkins | script_security_plugin | — | — |
| jenkins | skytap_cloud_ci_plugin | — | — |
| jenkins | sonar_quality_gates_plugin | — | — |
| jenkins | subversion_release_manager_plugin | — | — |
| jenkins | timestamper_plugin | — | — |
| jenkins | yaml_input_files_to_literate_plugin | — | — |
| jenkins | zephyr_enterprise_test_management_plugin | — | — |
| jenkins | zephyr_for_jira_test_management | <= 1.5 | — |