CVE-2020-2108 is a vulnerability in Jenkins Websphere Deployer
Published on January 29, 2020

Jenkins WebSphere Deployer Plugin 1.6.1 and earlier does not configure the XML parser to prevent XXE attacks which can be exploited by a user with Job/Configure permissions.

NVD

Products Associated with CVE-2020-2108

Want to know whenever a new CVE is published for Jenkins Websphere Deployer? stack.watch will email you.

Jenkins Websphere Deployer

Affected Versions

Jenkins project Jenkins WebSphere Deployer Plugin:

Version unspecified, <= 1.6.1 is affected.
Version next of 1.6.1 and below unspecified is unknown.

Exploit Probability

EPSS

0.06%

Percentile

18.45%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-2108 is a vulnerability in Jenkins Websphere DeployerPublished on January 29, 2020

Products Associated with CVE-2020-2108

Affected Versions

Exploit Probability

CVE-2020-2108 is a vulnerability in Jenkins Websphere Deployer
Published on January 29, 2020