Description
A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to.
Remediation
References
https://jenkins.io/security/advisory/2018-07-30/#SECURITY-933
Related Vulnerabilities
CVE-2023-24450 Vulnerability in maven package org.jenkins-ci.plugins:view-cloner
CVE-2023-6835 Vulnerability in maven package org.wso2.carbon.apimgt:org.wso2.carbon.forum
CVE-2020-7012 Vulnerability in npm package kibana
CVE-2016-3084 Vulnerability in maven package org.cloudfoundry.identity:cloudfoundry-identity-server
CVE-2023-39156 Vulnerability in maven package org.jenkins-ci.plugins:bazaar