4.3

CVSS Score

Basic Information

CVE ID

CVE-2020-2202

GHSA ID

GHSA-fph2-fwjq-prjf

EPSS Score

CWE

CWE-285

Published

5/24/2022

Updated

12/22/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-2202

CVE-2020-2202:
Users with Overall/Read access could enumerate credentials IDs in Jenkins Fortify on Demand Plugin

Fortify on Demand Plugin provides a list of applicable credentials IDs to allow users configuring the plugin to select the one to use.

This functionality does not correctly check permissions in Fortify on Demand Plugin 6.0.0 and earlier, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those can be used as part of an attack to capture the credentials using another vulnerability.

An enumeration of credentials IDs in Fortify on Demand Plugin 6.0.1 now requires the appropriate permissions.

(GitHub Advisory)

4.3

CVSS Score

Basic Information

CVE ID

CVE-2020-2202

GHSA ID

GHSA-fph2-fwjq-prjf

EPSS Score

CWE

CWE-285

Published

5/24/2022

Updated

12/22/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.jenkins-ci.plugins:fortify-on-demand-uploader	maven	<= 6.0.0	6.0.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stemmed from multiple credential enumeration functions in FodGlobalDescriptor.java that lacked proper permission checks (Jenkins.ADMINISTER). The commit 28932f7 added these checks, confirming these functions were previously vulnerable. The functions directly interact with credential storage and were accessible to users with only Overall/Read permissions, enabling ID enumeration. The high confidence comes from explicit permission check additions in the patch diff and CWE-285/862 mappings.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*orti*y on **m*n* Plu*in provi**s * list o* *ppli***l* *r***nti*ls I*s to *llow us*rs *on*i*urin* t** plu*in to s*l**t t** on* to us*. T*is *un*tion*lity *o*s not *orr**tly ****k p*rmissions in *orti*y on **m*n* Plu*in *.*.* *n* **rli*r, *llowin* *n

Reasoning

T** vuln*r**ility st*mm** *rom multipl* *r***nti*l *num*r*tion *un*tions in *o**lo**l**s*riptor.j*v* t**t l**k** prop*r p*rmission ****ks (J*nkins.**MINIST*R). T** *ommit ******* ***** t**s* ****ks, *on*irmin* t**s* *un*tions w*r* pr*viously vuln*r**

4.3

Basic Information

Concerned about an active attack path?

CVE-2020-2202: Users with Overall/Read access could enumerate credentials IDs in Jenkins Fortify on Demand Plugin

4.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2020-2202:
Users with Overall/Read access could enumerate credentials IDs in Jenkins Fortify on Demand Plugin

Vulnerability Intelligence
Miggo AI