| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:hp-application-automation-tools-plugin | maven | <= 6.7 | 6.8 |

The vulnerability stemmed from SSL/TLS validation being disabled by hardcoded logic in Service Virtualization connections. The patch introduced a `trustEveryone` parameter to control validation. The key vulnerable functions are those that previously invoked `CommandExecutorFactory.createCommandExecutor()` without this parameter:
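
The general pattern behind this class of bug, shown as an added example that is not the plugin's code: a TLS context that always trusts every certificate, next to one where a `trustEveryone` flag makes that an explicit caller decision. The class and method names (`TlsContextExample`, `contextBefore`, `contextAfter`) are hypothetical; only the `trustEveryone` name comes from the advisory.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;

// Hypothetical illustration; these names are not the plugin's API.
public class TlsContextExample {

    // Accepts any certificate chain, so the server is never authenticated.
    private static final TrustManager[] TRUST_ALL = { new X509TrustManager() {
        @Override public void checkClientTrusted(X509Certificate[] chain, String authType) { }
        @Override public void checkServerTrusted(X509Certificate[] chain, String authType) { }
        @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
    } };

    // "Before" shape: validation is disabled for every caller, with no way to enable it.
    static SSLContext contextBefore() throws GeneralSecurityException {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, TRUST_ALL, null);
        return ctx;
    }

    // "After" shape: the caller passes trustEveryone explicitly. With false, the
    // null trust-manager argument selects the JVM default trust store, so normal
    // certificate chain validation applies.
    static SSLContext contextAfter(boolean trustEveryone) throws GeneralSecurityException {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, trustEveryone ? TRUST_ALL : null, null);
        return ctx;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Validating context by default; the opt-out is a visible, reviewable argument.
        SSLContext strict = contextAfter(false);
        SSLContext lab = contextAfter(true);
        System.out.println("strict context protocol: " + strict.getProtocol());
        System.out.println("trust-everyone context protocol: " + lab.getProtocol());
    }
}
```

When reviewing code of this shape, audit every call site that passes `true`, since those connections do not authenticate the server.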