CVE-2020-2157: 
Java vulnerability analysis and mitigation

CVE-2020-2157 affects the Jenkins Skytap Cloud CI Plugin versions 2.07 and earlier. The vulnerability was discovered and disclosed on March 9, 2020. The issue involves credentials being transmitted in plain text as part of the configuration form, despite being stored encrypted on disk (Jenkins Advisory, OSS Security).

The vulnerability has a CVSS severity rating of Low. The Skytap Cloud CI Plugin stores credentials in job config.xml files as part of its configuration. While these credentials are stored in an encrypted format on disk, they are transmitted in plain text as part of the configuration form, potentially exposing sensitive information (Jenkins Advisory).

The vulnerability could allow users with Extended Read permission to view credentials that should be protected. The exposure of credentials through browser extensions, cross-site scripting vulnerabilities, and similar situations could lead to unauthorized access to systems and services configured with these credentials (Jenkins Advisory).

As of the advisory publication date, there was no fix available for this vulnerability in the Skytap Cloud CI Plugin. Users should carefully consider who has Extended Read permissions on their Jenkins instance and monitor for potential credential exposure (Jenkins Advisory).