CVE-2019-1003039

2019-03-0821:29:00

Google

osv.dev

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.4%

JSON

An insufficiently protected credentials vulnerability exists in JenkinsAppDynamics Dashboard Plugin 1.0.14 and earlier in src/main/java/nl/codecentric/jenkins/appd/AppDynamicsResultsPublisher.java that allows attackers without permission to obtain passwords configured in jobs to obtain them.

CPENameOperatorVersion
appdynamics-plugineqappdynamics-dashboard-1.0.7
appdynamics-plugineqappdynamics-dashboard-1.0.3
appdynamics-plugineqappdynamics-dashboard-1.0.9
appdynamics-plugineqappdynamics-dashboard-1.0.12
appdynamics-plugineqappdynamics-dashboard-1.0.2
appdynamics-plugineqappdynamics-dashboard-1.0.11
appdynamics-plugineqappdynamics-dashboard-1.0.4
appdynamics-plugineqappdynamics-dashboard-1.0.0
appdynamics-plugineqappdynamics-dashboard-1.0.5
appdynamics-plugineqappdynamics-dashboard-1.0.10

Name	Operator	Version
appdynamics-plugin	eq	appdynamics-dashboard-1.0.7
appdynamics-plugin	eq	appdynamics-dashboard-1.0.3
appdynamics-plugin	eq	appdynamics-dashboard-1.0.9
appdynamics-plugin	eq	appdynamics-dashboard-1.0.12
appdynamics-plugin	eq	appdynamics-dashboard-1.0.2
appdynamics-plugin	eq	appdynamics-dashboard-1.0.11
appdynamics-plugin	eq	appdynamics-dashboard-1.0.4
appdynamics-plugin	eq	appdynamics-dashboard-1.0.0
appdynamics-plugin	eq	appdynamics-dashboard-1.0.5
appdynamics-plugin	eq	appdynamics-dashboard-1.0.10