4649 matches found
Design/Logic Flaw
Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Serena SRA Deploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Hyper.sh Commons Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
CVE-2019-1003060
Jenkins Official OWASP ZAP Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins OctopusDeploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10288
Affected software: Jenkins Jabber Server Plugin. Vulnerability: Credentials are stored unencrypted in the plugin’s global configuration file on the Jenkins master/controller (e.g., de.e_nexus.jabber.JabberBuilder.xml), which can be read by anyone with file-system access to the Jenkins controller....
CVE-2019-10298
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10298
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10288
Jenkins Jabber Server Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10297
Jenkins Sametime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003094
The CVE-2019-1003094 entry concerns the Jenkins Open STF Plugin, where credentials are stored unencrypted in the plugin’s global configuration file on the Jenkins master. The vulnerability arises from plaintext storage, allowing users with access to the master filesystem to view sensitive credent...
CVE-2019-10280
Jenkins Assembla Auth Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10281
Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003094
Jenkins Open STF Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003095
CVE-2019-1003095 affects the Jenkins Perfecto Mobile Plugin, where credentials are stored in plaintext in the plugin’s global configuration file on the Jenkins master and can be viewed by users with master-file-system access. This creates a confidentiality risk per cited sources. The connected do...
CVE-2019-10280
Jenkins Assembla Auth Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003075
Jenkins Audit to Database Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003066
CVE-2019-1003066 affects the Jenkins Bugzilla Plugin. The issue is that credentials are stored unencrypted in the plugin’s global configuration file on the Jenkins master, specifically in hudson.plugins.bugzilla.BugzillaProjectProperty.xml, and can be viewed by any user with access to the master ...
CVE-2019-1003074
Jenkins Hyper.sh Commons Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...