Lucene search
China National Vulnerability DatabaseCNVD-2022-58416HistoryJul 04, 2022 - 12:00 a.m.
Jenkins RocketChat Notifier Plugin信息泄露漏洞
2022-07-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
0.001 Low
EPSS
Percentile
22.2%
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An information disclosure vulnerability exists in Jenkins RocketChat Notifier Plugin version 1.5.2 and prior, which stems from storing unencrypted login passwords and webhook tokens in the global configuration file of the Jenkins controller, which can be exploited by an attacker to cause sensitive information to be accessed.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins rocketchat notifier plugin | le | 1.5.2 |
Related
cvelist
cvelist
CVE-2022-34802
2022-06-30 17:48:14
cve
cve
CVE-2022-34802
2022-06-30 18:15:13
nvd
nvd
CVE-2022-34802
2022-06-30 18:15:13
osv
osv
CVE-2022-34802
2022-06-30 18:15:13
Plaintext Storage of a Password in Jenkins RocketChat Notifier Plugin
2022-07-01 00:01:07
prion
prion
Design/Logic Flaw
2022-06-30 18:15:00
github
github
Plaintext Storage of a Password in Jenkins RocketChat Notifier Plugin
2022-07-01 00:01:07
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-06-30)
2023-08-04 00:00:00