Zephyr Enterprise Test Management Plugin
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-2145 | 0.00 | — | 0.00 | Mar 9, 2020 | Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and earlier stores its Zephyr password in plain text on the Jenkins master file system. | |||
| CVE-2019-1003085 | 0.00 | — | 0.00 | Apr 4, 2019 | A missing permission check in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server. | |||
| CVE-2019-1003084 | 0.00 | — | 0.00 | Apr 4, 2019 | A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server. |
- CVE-2020-2145Mar 9, 2020risk 0.00cvss —epss 0.00
Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and earlier stores its Zephyr password in plain text on the Jenkins master file system.
- CVE-2019-1003085Apr 4, 2019risk 0.00cvss —epss 0.00
A missing permission check in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.
- CVE-2019-1003084Apr 4, 2019risk 0.00cvss —epss 0.00
A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.