SSL/TLS Certificate Validation Bypass in Jenkins Delphix Plugin
CVE-2024-28162
Currently unrated
Summary
In Jenkins Delphix Plugin 3.0.1 through 3.1.0 (both inclusive) a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation.
Affected Version(s)
Jenkins Delphix Plugin 3.0.1 <= 3.1.0
References
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database