Description
A man in the middle vulnerability exists in Jenkins Inedo BuildMaster Plugin 1.3 and earlier in BuildMasterConfiguration.java, BuildMasterConfig.java, BuildMasterApi.java that allows attackers to impersonate any service that Jenkins connects to.
Remediation
References
https://jenkins.io/security/advisory/2018-07-30/#SECURITY-935
Related Vulnerabilities
CVE-2014-0086 Vulnerability in maven package org.richfaces.core:richfaces-core-impl
CVE-2023-34459 Vulnerability in npm package @openzeppelin/contracts-upgradeable
CVE-2017-12625 Vulnerability in maven package org.apache.hive.hcatalog:hive-hcatalog-core
CVE-2020-24582 Vulnerability in npm package zulip
CVE-2020-17531 Vulnerability in maven package org.apache.tapestry:tapestry-core