533 matches found
CVE-2019-1003068
Jenkins VMware vRealize Automation Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-1003061
CVE-2019-1003061 affects the Jenkins ecosystem via the jenkins-cloudformation-plugin, which stores credentials unencrypted in job config.xml files on the Jenkins master/controller. The root cause described across multiple connected records is that credentials are kept in plain text, enabling view...
CVE-2019-1003068
CVE-2019-1003068 affects the Jenkins VMware vRealize Automation Plugin, where credentials are stored unencrypted in job config.xml files on the Jenkins master/controller. The vulnerability allows access by users with Extended Read permission or anyone with access to the master/controller file sys...
CVE-2019-1003073
Jenkins VS Team Services Continuous Deployment Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-1003067
Jenkins Trac Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-1003053
The CVE-2019-1003053 entry concerns the Jenkins HockeyApp Plugin, where credentials are stored in plaintext in job config.xml files on the Jenkins master. The underlying issue is improper credential handling in the plugin, making secrets viewable to users with Extended Read permission or anyone w...
CVE-2019-1003053
Jenkins HockeyApp Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-1003053
Jenkins HockeyApp Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-1003054
Jenkins Jira Issue Updater Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
PT-2019-11696 · Jenkins · Jenkins Kmap Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Kmap Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master. Users with Extended Read permission or access to the...
PT-2019-11684 · Jenkins · Jenkins Klaros-Testmanagement Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Klaros-Testmanagement Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be...
PT-2019-11386 · Jenkins · Jenkins Testfairy Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins TestFairy Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master. This allows users with Extended Read permission or...
PT-2019-11346 · Jenkins · Jenkins Websphere Deployer Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins WebSphere Deployer Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be...
PT-2019-11358 · Vmware +1 · Vrealize Automation Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins VMware vRealize Automation Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials c...
PT-2019-11362 · Jenkins · Jenkins Wildfly Deployer Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins WildFly Deployer Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be...
PT-2019-11357 · Jenkins · Jenkins Trac Publisher Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Trac Publisher Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be access...
PT-2019-11351 · Jenkins · Jenkins-Cloudformation-Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins jenkins-cloudformation-plugin Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master or controller. These credentials ca...
PT-2019-11387 · Jenkins · Jenkins Crowd Integration Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Crowd Integration Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global config.xml configuration file on the Jenkins master. This allows users with...
PT-2019-11686 · Jenkins · Jenkins Diawi Upload Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Diawi Upload Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be accessed...
PT-2019-11343 · Jenkins · Jenkins Hockeyapp Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins HockeyApp Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master. These credentials can be accessed by users who have...