CVE-2020-2242

Summary

A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins database Pluginunspecified <= 1.6affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References