CVE-2020-2204 is a vulnerability in Jenkins Fortify On Demand
Published on July 2, 2020

A missing permission check in Jenkins Fortify on Demand Plugin 5.0.1 and earlier allows attackers with Overall/Read permission to connect to the globally configured Fortify on Demand endpoint using attacker-specified credentials IDs.

NVD

Products Associated with CVE-2020-2204

Want to know whenever a new CVE is published for Jenkins Fortify On Demand? stack.watch will email you.

Jenkins Fortify On Demand

Affected Versions

Jenkins project Jenkins Fortify on Demand Plugin:

Version unspecified, <= 5.0.1 is affected.

Exploit Probability

EPSS

0.03%

Percentile

8.51%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-2204 is a vulnerability in Jenkins Fortify On DemandPublished on July 2, 2020

Products Associated with CVE-2020-2204

Affected Versions

Exploit Probability

CVE-2020-2204 is a vulnerability in Jenkins Fortify On Demand
Published on July 2, 2020