Filtered by vendor Atlassian
Subscriptions
Filtered by product Crowd2
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-1000423 | 1 Atlassian | 1 Crowd2 | 2024-11-21 | N/A |
An insufficiently protected credentials vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java, CrowdConfigurationService.java that allows attackers with local file system access to obtain the credentials used to connect to Crowd 2. | ||||
CVE-2018-1000422 | 1 Atlassian | 1 Crowd2 | 2024-11-21 | N/A |
An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and connection settings. |
Page 1 of 1.