Vulnerabilities > Jenkins > P4

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2021-21654 Unspecified vulnerability in Jenkins P4
Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password.
network
low complexity
jenkins
4.3
4.3
2021-05-11 CVE-2021-21655 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins P4
A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password.
network
low complexity
jenkins CWE-352
7.1
7.1
2020-03-09 CVE-2020-2142 Missing Authorization vulnerability in Jenkins P4
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds.
network
low complexity
jenkins CWE-862
4.3
4.3
2020-03-09 CVE-2020-2141 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins P4
A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce.
network
low complexity
jenkins CWE-352
4.3
4.3