Vulnerabilities > Jenkins > Collabnet
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-23 | CVE-2022-38665 | Insufficiently Protected Credentials vulnerability in Jenkins Collabnet Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a RabbitMQ password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 6.5 |
2018-06-26 | CVE-2018-1000605 | Improper Certificate Validation vulnerability in Jenkins Collabnet A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to. | 5.8 |