CVE-2020-2251

CVE-2020-2251

EPSS 0.5%

Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits project passwords in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure.

Affected products

Jenkins project · Jenkins SoapUI Pro Functional Testing Plugin

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20%282%29 http://www.openwall.com/lists/oss-security/2020/09/01/3