ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-1000423 | 2.1 |
An insufficiently protected credentials vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java, CrowdConfigurationService.java that allows attackers with local file system access to obtain the credenti
|
24-08-2020 - 17:37 | 09-01-2019 - 23:29 | |
CVE-2018-1000422 | 4.0 |
An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacke
|
30-01-2019 - 16:02 | 09-01-2019 - 23:29 |