Jenkins Harvest SCM Plugin 0.5.1 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system.
CPE | Name | Operator | Version |
---|---|---|---|
harvest-plugin | eq | harvest-0.5 | |
harvest-plugin | eq | harvest-0.4.2 | |
harvest-plugin | eq | harvest-0.5.1 | |
harvest-plugin | eq | harvest-0.4.1 |