CVE-2020-2124 is a vulnerability in Jenkins Dynamic Extended Choice Parameter
Published on February 12, 2020
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.
Products Associated with CVE-2020-2124
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-2124 are published in Jenkins Dynamic Extended Choice Parameter:
Affected Versions
Jenkins project Jenkins Dynamic Extended Choice Parameter Plugin:- Version unspecified, <= 1.0.1 is affected.
- Version next of 1.0.1 and below unspecified is unknown.
Exploit Probability
EPSS
0.03%
Percentile
8.78%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.