Vulnerabilities > Jenkins > Collabnet

DATE CVE VULNERABILITY TITLE RISK
2022-08-23 CVE-2022-38665 Insufficiently Protected Credentials vulnerability in Jenkins Collabnet
Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a RabbitMQ password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
network
low complexity
jenkins CWE-522
6.5
6.5
2018-06-26 CVE-2018-1000605 Improper Certificate Validation vulnerability in Jenkins Collabnet
A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to.
network
jenkins CWE-295
5.8
5.8