Описание
SSL/TLS certificate validation unconditionally disabled by Jenkins Micro Focus Application Automation Tools Plugin
Micro Focus Application Automation Tools Plugin 6.7 and earlier unconditionally disables SSL/TLS certificate validation for connections to Service Virtualization servers.
Micro Focus Application Automation Tools Plugin 6.8 no longer disables SSL/TLS certificate validation unconditionally by default. It provides an option to disable SSL/TLS certification validation for connections to Service Virtualization servers.
Пакеты
org.jenkins-ci.plugins:hp-application-automation-tools-plugin
<= 6.7
6.8
Связанные уязвимости
Improper Certificate Validation vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow unconditionally disabling of SSL/TLS certificates.