CVE-2020-2250 is a vulnerability in Jenkins Soapui Pro Functional Testing
Published on September 1, 2020

Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier stores project passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system.

NVD

Products Associated with CVE-2020-2250

Want to know whenever a new CVE is published for Jenkins Soapui Pro Functional Testing? stack.watch will email you.

Jenkins Soapui Pro Functional Testing

Affected Versions

Jenkins project Jenkins SoapUI Pro Functional Testing Plugin:

Version unspecified, <= 1.3 is affected.

Exploit Probability

EPSS

0.23%

Percentile

45.11%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-2250 is a vulnerability in Jenkins Soapui Pro Functional TestingPublished on September 1, 2020

Products Associated with CVE-2020-2250

Affected Versions

Exploit Probability

CVE-2020-2250 is a vulnerability in Jenkins Soapui Pro Functional Testing
Published on September 1, 2020