Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. The vulnerability stems from unencrypted group chat passwords stored in the plugin’s global configuration file, which can be viewed by an attacker with access to the Jenkins controller file system.
CPE | Name | Operator | Version |
---|---|---|---|
jenkins instant-messaging plugin | lt | 1.41 |