Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-16	CVE-2020-2258	Incorrect Authorization vulnerability in Jenkins Health Advisor BY Cloudbees Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view that HTTP endpoint. network low complexity jenkins CWE-863	4.3
2020-01-15	CVE-2020-2094	Missing Authorization vulnerability in Jenkins Health Advisor BY Cloudbees A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient. network low complexity jenkins CWE-862	4.3