CVE-2020-2168: 
Java vulnerability analysis and mitigation

CVE-2020-2168 is a remote code execution (RCE) vulnerability discovered in the Jenkins Azure Container Service Plugin versions 1.0.1 and earlier, disclosed on March 25, 2020. The vulnerability affects the plugin's YAML parser configuration, which did not properly restrict the instantiation of arbitrary types (Jenkins Advisory, OSS Security).

The vulnerability stems from a misconfiguration in the YAML parser of the Azure Container Service Plugin that allows the instantiation of arbitrary types. This security flaw is rated as High severity according to CVSS scoring system. The vulnerability is specifically related to the plugin's build step functionality where YAML input files are processed (Jenkins Advisory).

The vulnerability enables remote code execution (RCE) capabilities that can be exploited by users who have the ability to provide YAML input files to the Azure Container Service Plugin's build step. This presents a significant security risk as it could allow attackers to execute arbitrary code on the affected Jenkins instance (Jenkins Advisory).

The vulnerability has been fixed in Azure Container Service Plugin version 1.0.2, which configures its YAML parser to only instantiate safe types. Users are strongly advised to upgrade to this version or later to address the security risk. The fix prevents the instantiation of arbitrary types through the YAML parser (Jenkins Advisory).