Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins ec2 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-10364
Jenkins Amazon EC2 Plugin 1.43 and previous versions wrote the beginning of private keys to the Jenkins system log.
Jenkins Ec2
8.8
CVSSv3
CVE-2017-1000502
Users with permission to create or configure agents in Jenkins 1.37 and previous versions could configure an EC2 agent to run arbitrary shell commands on the master node whenever the agent was supposed to be launched. Configuration of these agents now requires the 'Run Scrip...
Jenkins Ec2
8.8
CVSSv3
CVE-2020-2090
A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.47 and previous versions allows malicious users to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method.
Jenkins Amazon Ec2
8.1
CVSSv3
CVE-2020-2091
A missing permission check in Jenkins Amazon EC2 Plugin 1.47 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method.
Jenkins Amazon Ec2
5.6
CVSSv3
CVE-2020-2185
Jenkins Amazon EC2 Plugin 1.50.1 and previous versions does not validate SSH host keys when connecting agents, enabling man-in-the-middle attacks.
Jenkins Amazon Ec2
4.3
CVSSv3
CVE-2020-2186
A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.50.1 and previous versions allows malicious users to provision instances.
Jenkins Amazon Ec2
5.6
CVSSv3
CVE-2020-2187
Jenkins Amazon EC2 Plugin 1.50.1 and previous versions unconditionally accepts self-signed certificates and does not perform hostname validation, enabling man-in-the-middle attacks.
Jenkins Amazon Ec2
4.3
CVSSv3
CVE-2020-2188
A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and previous versions in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.
Jenkins Amazon Ec2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started