Lucene search
JenkinsCVELIST:CVE-2022-27216HistoryMar 15, 2022 - 4:46 p.m.
CVE-2022-27216
2022-03-1516:46:08
jenkins
www.cve.org
Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
CNA Affected
[
{
"product": "Jenkins dbCharts Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "0.5.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0.5.2",
"versionType": "custom"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2022-03-15 17:15:00
nvd
nvd
CVE-2022-27216
2022-03-15 17:15:12
cve
cve
CVE-2022-27216
2022-03-15 17:15:12
cnvd
cnvd
Jenkins dbCharts Plugin Information Disclosure Vulnerability
2022-03-17 00:00:00
osv
osv
Passwords stored in plain text by Jenkins dbCharts Plugin
2022-03-16 00:00:43
github
github
Passwords stored in plain text by Jenkins dbCharts Plugin
2022-03-16 00:00:43
