Lucene search
JenkinsCVELIST:CVE-2022-20621HistoryJan 12, 2022 - 7:06 p.m.
CVE-2022-20621
2022-01-1219:06:00
jenkins
www.cve.org
3
Jenkins Metrics Plugin 4.0.2.8 and earlier stores an access key unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
CNA Affected
[
{
"product": "Jenkins Metrics Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "4.0.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.0.2.7.1"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2022-01-12 20:15:00
cve
cve
CVE-2022-20621
2022-01-12 20:15:09
osv
osv
CVE-2022-20621
2022-01-12 20:15:09
Access key stored in plain text by Jenkins Metrics Plugin
2022-01-13 00:00:57
alpinelinux
alpinelinux
CVE-2022-20621
2022-01-12 20:15:09
redhatcve
redhatcve
CVE-2022-20621
2022-01-24 18:05:53
nvd
nvd
CVE-2022-20621
2022-01-12 20:15:09
cnvd
cnvd
Jenkins Metrics Plugin Licensing Issue Vulnerability
2022-01-16 00:00:00
github
github
Access key stored in plain text by Jenkins Metrics Plugin
2022-01-13 00:00:57
nessus
nessus
Jenkins LTS < 2.319.2 / Jenkins weekly < 2.330 Multiple Vulnerabilities
2022-01-21 00:00:00
Jenkins plugins Multiple Vulnerabilities (2022-01-12)
2022-01-21 00:00:00