Lucene search
JenkinsCVELIST:CVE-2020-2319HistoryNov 04, 2020 - 2:35 p.m.
CVE-2020-2319
2020-11-0414:35:45
jenkins
www.cve.org
4
cve-2020-2319
jenkins
vmware
password
unencrypted
config.xml
file system
EPSS
0.001
Percentile
28.4%
Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
CNA Affected
[
{
"product": "Jenkins VMware Lab Manager Slaves Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "0.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0.2.8",
"versionType": "custom"
}
]
}
]Related
github
github
Password stored in plain text by Jenkins VMware Lab Manager Slaves Plugin
2022-05-24 17:33:09
cve
cve
CVE-2020-2319
2020-11-04 15:15:12
nvd
nvd
CVE-2020-2319
2020-11-04 15:15:12
osv
osv
CVE-2020-2319
2020-11-04 15:15:12
Password stored in plain text by Jenkins VMware Lab Manager Slaves Plugin
2022-05-24 17:33:09
prion
prion
Design/Logic Flaw
2020-11-04 15:15:00