Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe
Filtered by product Zephyr For Jira Test Management
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-2216 1 Jenkins 1 Zephyr For Jira Test Management 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password.
CVE-2020-2215 1 Jenkins 1 Zephyr For Jira Test Management 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified username and password.
CVE-2020-2154 1 Jenkins 1 Zephyr For Jira Test Management 2024-11-21 2.1 LOW 5.5 MEDIUM
Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system.