6.7 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
66.3%
Jenkins IRC Plugin stores credentials unencrypted in its global configuration file hudson.plugins.ircbot.IrcPublisher.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system.
hudson.plugins.ircbot.IrcPublisher.xml
www.openwall.com/lists/oss-security/2019/04/12/2
jenkins.io/security/advisory/2019-04-03/#SECURITY-829
nvd.nist.gov/vuln/detail/CVE-2019-1003051