CVE-2020-2185

Published: May 6, 2020

Modified: Aug 4, 2024

PUBLISHED

Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate SSH host keys when connecting agents, enabling man-in-the-middle attacks.

Vendor	Product	Versions
Jenkins project	Jenkins Amazon EC2 Plugin	affected `unspecified - <= 1.50.1`

x_refsource_CONFIRM

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.