Lucene search
China National Vulnerability DatabaseCNVD-2022-54941HistoryMar 31, 2022 - 12:00 a.m.
Jenkins instant-messaging Plugin信息泄露漏洞
2022-03-3100:00:00
China National Vulnerability Database
www.cnvd.org.cn
18
0.001 Low
EPSS
Percentile
28.5%
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. The vulnerability stems from unencrypted group chat passwords stored in the plugin’s global configuration file, which can be viewed by an attacker with access to the Jenkins controller file system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins instant-messaging plugin | lt | 1.41 |
Related
prion
prion
Design/Logic Flaw
2022-03-29 13:15:00
osv
osv
Plaintext storage in Jenkins instant-messaging Plugin
2022-03-30 00:00:25
CVE-2022-28135
2022-03-29 13:15:08
cvelist
cvelist
CVE-2022-28135
2022-03-29 12:30:47
nvd
nvd
CVE-2022-28135
2022-03-29 13:15:08
cve
cve
CVE-2022-28135
2022-03-29 13:15:08
github
github
Plaintext storage in Jenkins instant-messaging Plugin
2022-03-30 00:00:25
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-03-29)
2022-03-31 00:00:00