cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2018-1999025,https://securityvulnerability.io/vulnerability/CVE-2018-1999025,Man-in-the-Middle Vulnerability in Jenkins TraceTronic ECU-TEST Plugin,"A man-in-the-middle vulnerability exists in the Jenkins TraceTronic ECU-TEST Plugin versions prior to 2.4. This flaw affects the ATXPublisher.java and ATXValidator.java components, allowing attackers to impersonate any external service that Jenkins interacts with. Exploitation of this vulnerability can lead to unauthorized access and information disclosure, posing significant security risks to systems utilizing the affected plugin.",Jenkins,Tracetronic Ecu-test,7.4,HIGH,0.0012799999676644802,false,,false,false,false,,,false,false,,2022-10-03T16:22:22.000Z,0
CVE-2021-21612,https://securityvulnerability.io/vulnerability/CVE-2021-21612,,Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.,Jenkins,Jenkins Tracetronic Ecu-test Plugin,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-01-13T15:55:33.000Z,0
CVE-2018-1999026,https://securityvulnerability.io/vulnerability/CVE-2018-1999026,,A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host.,Jenkins,Tracetronic Ecu-test,6.5,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2018-08-01T13:00:00.000Z,0