Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe
Filtered by product Collabnet
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38665 1 Jenkins 1 Collabnet 2024-11-21 N/A 6.5 MEDIUM
Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a RabbitMQ password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
CVE-2018-1000605 1 Jenkins 1 Collabnet 2024-11-21 5.8 MEDIUM 7.4 HIGH
A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to.