CVE-2020-2126

2020-02-12T15:15:00
ID CVE-2020-2126
Type cve
Reporter cve@mitre.org
Modified 2020-02-13T22:09:00

Description

Jenkins DigitalOcean Plugin 1.1 and earlier stores a token unencrypted in the global config.xml file on the Jenkins master where it can be viewed by users with access to the master file system.