Exposure of Sensitive Information to an Unauthorized Actor in Jenkins SSH Credentials Plugin

🗓️ 14 May 2022 03:03:07Reported by GitHub Advisory DatabaseType

Exposure of Sensitive Information in Jenkins SSH Plugi

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
OSV	GHSA-CWCF-5M5W-MQ2W Exposure of Sensitive Information to an Unauthorized Actor in Jenkins SSH Credentials Plugin	14 May 202203:07	–	osv
OSV	CVE-2018-1000601	26 Jun 201817:29	–	osv
Prion	Design/Logic Flaw	26 Jun 201817:29	–	prion
Cvelist	CVE-2018-1000601	26 Jun 201817:00	–	cvelist
NVD	CVE-2018-1000601	26 Jun 201817:29	–	nvd
CVE	CVE-2018-1000601	26 Jun 201817:29	–	cve
RedhatCVE	CVE-2018-1000601	28 Jun 201809:49	–	redhatcve

Vulners

Node

org.jenkins-ci.plugins credentialsRange<2.1.17

org.jenkins-ci.plugins ssh-credentialsRange≤1.13

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-1000601
jenkins	www.jenkins.io/security/advisory/2018-06-25/
github	www.github.com/jenkinsci/ssh-credentials-plugin/commit/18b3121fa94a174064447d637dc11539e33b3a76
github	www.github.com/jenkinsci/ssh-credentials-plugin/commits/ssh-credentials-1.14
github	www.github.com/jenkinsci/credentials-plugin/commit/23fbd6de33cc3cb74eafd44e7b27dd87b52c8904
github	www.github.com/advisories/GHSA-cwcf-5m5w-mq2w

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 May 2022 03:07Current

4.5Medium risk

Vulners AI Score4.5

CVSS24

CVSS36.5

EPSS0.00333

CWE-200