CVE-2020-2146

Summary

Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Mac Pluginunspecified <= 1.1.0affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References