Описание
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-297
https://bugzilla.redhat.com/show_bug.cgi?id=1880454jenkins-2-plugins/mailer: Missing hostname validation in Mailer Plugin could result in MITM
4.8 Medium
CVSS3
Связанные уязвимости
CVSS3: 4.8
nvd
больше 5 лет назад
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
CVSS3: 4.8
github
больше 3 лет назад
Improper Validation of Certificate with Host Mismatch in Jenkins Mailer Plugin
4.8 Medium
CVSS3