Description
Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM.
Remediation
References
https://jenkins.io/security/advisory/2019-10-16/#SECURITY-1615
Related Vulnerabilities
CVE-2023-34232 Vulnerability in npm package snowflake-sdk
CVE-2019-10424 Vulnerability in maven package com.technicolor:eloyente
CVE-2020-1758 Vulnerability in maven package org.keycloak:keycloak-services
CVE-2022-39203 Vulnerability in npm package matrix-appservice-irc
CVE-2021-33036 Vulnerability in maven package org.apache.hadoop:hadoop-yarn-server-common