CVE-2020-2234 is a vulnerability in Jenkins Pipeline Maven Integration
Published on August 12, 2020

A missing permission check in Jenkins Pipeline Maven Integration Plugin 3.8.2 and earlier allows users with Overall/Read access to connect to an attacker-specified JDBC URL using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins.

NVD

Products Associated with CVE-2020-2234

Want to know whenever a new CVE is published for Jenkins Pipeline Maven Integration? stack.watch will email you.

Jenkins Pipeline Maven Integration

Affected Versions

Jenkins project Jenkins Pipeline Maven Integration Plugin:

Version unspecified, <= 3.8.2 is affected.

Exploit Probability

EPSS

0.05%

Percentile

14.76%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-2234 is a vulnerability in Jenkins Pipeline Maven IntegrationPublished on August 12, 2020

Products Associated with CVE-2020-2234

Affected Versions

Exploit Probability

CVE-2020-2234 is a vulnerability in Jenkins Pipeline Maven Integration
Published on August 12, 2020