Описание
Jenkins Dynatrace Plugin contains Incorrect Default Permissions
A missing permission check in Jenkins Dynatrace Application Monitoring Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. This issue was patched in version 2.1.5, however, please
##NOTE: This plugin is marked as DEPRECATED
Пакеты
Наименование
org.jenkins-ci.plugins:dynatrace-dashboard
maven
Затронутые версииВерсия исправления
< 2.1.5
2.1.5
Связанные уязвимости
CVSS3: 6.5
nvd
больше 6 лет назад
A missing permission check in Jenkins Dynatrace Application Monitoring Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.