CVE-2021-21654

Published: 2021-05-11T15:15Z

Last Modified: 2024-11-21T05:48Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt