1. Home
  2. Vulnerabilities
  3. CVE-2020-2251

CVE-2020-2251

CVSS v3.1 4.3 (Medium)
43% Progress
CVSS v2.0 4 (Medium)
40% Progress
EPSS 0.05 % (23th)
0.05% Progress
Affected Products 2
Advisories 2
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Graph Web & Social Timeline

Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits project passwords in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure.

Weaknesses
CWE-319
Cleartext Transmission of Sensitive Information
CVE Status
PUBLISHED
CNA
Jenkins Project
Published Date
2020-09-01 14:15:13
(4 years ago)
Updated Date
2023-10-25 18:16:39
(10 months ago)

Affected Products

Jenkins

Configuration #1

    CPE23 From Up To
  Jenkins for Jenkins prior 2.236 version cpe:2.3:a:jenkins:jenkins::*:*:*:*:jenkins < 2.236
  Jenkins Soapui Pro Functional Testing for Jenkins 1.5 and prior versions cpe:2.3:a:jenkins:soapui_pro_functional_testing::*:*:*:*:jenkins <= 1.5