CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> P4 >> 1.10.11 Security Vulnerabilities

CVE-2021-21654

Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password.

CVSS Score

4.3

EPSS Score

0.0

Published

2021-05-11

CVE-2021-21655

A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password.

CVSS Score

7.1

EPSS Score

0.001

Published

2021-05-11

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> P4 >> 1.10.11 Security Vulnerabilities

Products

Pricing

Contact Us