CVE-2020-2159

Summary

Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins CryptoMove Pluginunspecified <= 0.1.33affected
Jenkins projectJenkins CryptoMove Pluginnext of 0.1.33 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References