CVE-2017-2648

Summary

It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks.

Affected Software

VendorProductVersion RangeStatus
Jenkinsjenkins-ssh-slaves-plugin1.15affected

Weaknesses

  • CWE-295: CWE-295

ADP Enrichment

CVE Program Container

Additional References

References