CVE-2020-2251

Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits project passwords in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure.

Link	Resource
https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(2)	Vendor Advisory
http://www.openwall.com/lists/oss-security/2020/09/01/3	Mailing List Third Party Advisory

Configuration 1

cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:jenkins:*:* cpe:2.3:a:jenkins:soapui_pro_functional_testing:*:*:*:*:*:jenkins:*:*

---

Published : 2020-09-01 02:15

Updated : 2020-09-04 02:04

---

NVD link : CVE-2020-2251

Mitre link : CVE-2020-2251

No products.

CWE-319

Cleartext Transmission of Sensitive Information