Design/Logic Flaw

Jenkins Extensive Testing Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

Design/Logic Flaw

Jenkins iceScrum Plugin 1.1.4 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...

Design/Logic Flaw

Jenkins Fortify on Demand Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10450

Jenkins ElasticBox CI Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-10452

Jenkins View26 Test-Reporting Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10449

CVE-2019-10449 affects Jenkins Fortify on Demand Plugin, where credentials are stored in plaintext in the Jenkins master’s job config.xml. This allows users with Extended Read permission or those with access to the master filesystem to view sensitive credentials. The vulnerability is documented a...

CVE-2019-10449

Jenkins Fortify on Demand Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10449

Jenkins Fortify on Demand Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10447

Jenkins Sofy.AI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10448

Jenkins Extensive Testing Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10443

Jenkins iceScrum Plugin 1.1.4 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10440

Jenkins NeoLoad Plugin 2.2.5 and earlier stored credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...

PT-2019-11843 · Jenkins · Jenkins Fortify On Demand Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Fortify on Demand Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be...

PT-2019-11844 · Jenkins · Jenkins Elasticbox Ci Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins ElasticBox CI Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global config.xml configuration file on the Jenkins master. This allows users with...

PT-2019-11846 · Jenkins · Jenkins View26 Test-Reporting Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins View26 Test-Reporting Plugin affected versions not specified Description: The issue concerns the storage of sensitive information in an unencrypted manner. Specifically, the Jenkins View26 Test-Reporting Plugin stores credentials and ...

PT-2019-11841 · Jenkins · Jenkins Sofy.Ai Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Sofy.AI Plugin affected versions not specified Description: The issue concerns the storage of sensitive information by the Jenkins Sofy.AI Plugin. Specifically, it stores credentials and an API token unencrypted in job config.xml file...

CVE-2019-10433

Jenkins Dingding钉钉 Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

Design/Logic Flaw

Jenkins Dingding?? Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10433

The CVE-2019-10433 entry affects the Jenkins Dingding plugin, where credentials are stored unencrypted in job config.xml files on the Jenkins master. This exposes credentials to users with Extended Read permissions or anyone with access to the master filesystem, as described across multiple sourc...

CVE-2019-10433

Jenkins Dingding钉钉 Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...