2 matches found
CVE-2022-34807
Jenkins Elasticsearch Query Plugin 1.2 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...
CVE-2022-34807
CVE-2022-34807 affects Jenkins Elasticsearch Query Plugin 1.2 and earlier. The flaw exposes a password stored unencrypted in the plugin’s global configuration file on the Jenkins controller, enabling access to the password by anyone with Jenkins controller filesystem access. Practically, this is ...