Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-27	CVE-2017-2648	Improper Certificate Validation vulnerability in Jenkins SSH Slaves It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks. network jenkins CWE-295	6.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.