Vulnerabilities > Jenkins > Self Organizing Swarm Modules > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-2192 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Self-Organizing Swarm Modules A cross-site request forgery vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier allows attackers to add or remove agent labels. | 6.5 |
| 2020-06-03 | CVE-2020-2191 | Incorrect Default Permissions vulnerability in Jenkins Self-Organizing Swarm Modules Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels. | 4.3 |