Identifier

CVE-2020-2242

Package Slug

maven/org.jenkins-ci.plugins/database

Vulnerability

Missing Authorization

Description

A missing permission check in the Jenkins database plugin allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials.

Affected Versions

All versions up to 1.6

Solution

Upgrade to version 1.7 or above.

Last Modified

2020-09-04

source