Jenkins Zephyr For Jira Test Management vulnerabilities
3 known vulnerabilities affecting jenkins/zephyr_for_jira_test_management.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2020-2215MEDIUMCVSS 4.3≤ 1.52020-07-02
CVE-2020-2215 [MEDIUM] CWE-352 CVE-2020-2215: A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and
A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified username and password.
nvd
CVE-2020-2216MEDIUMCVSS 4.3≤ 1.52020-07-02
CVE-2020-2216 [MEDIUM] CWE-862 CVE-2020-2216: A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password.
nvd
CVE-2020-2154MEDIUMCVSS 5.5≤ 1.52020-03-09
CVE-2020-2154 [MEDIUM] CWE-312 CVE-2020-2154: Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text
Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system.
nvd