Vulnerabilities > CVE-2020-2185 - Unspecified vulnerability in Jenkins Amazon EC2

047910
CVSS 5.6 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
LOW
network
high complexity
jenkins

Summary

Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate SSH host keys when connecting agents, enabling man-in-the-middle attacks.