Jenkins Google Compute Engine Plugin 4.1.1 and previous versions does not verify SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins google compute engine |