36 matches found
CVE-2019-10467
Jenkins Sonar Gerrit Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
PT-2019-11854 · Jenkins · Jenkins Bitbucket Oauth Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Bitbucket OAuth Plugin versions 0.9 and earlier Jenkins Bitbucket OAuth Plugin prior to 0.10 Description: The issue concerns the storage of credentials in an unencrypted manner in the global config.xml configuration file on the Jenkin...
CVE-2019-10452
Jenkins View26 Test-Reporting Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-17356
The Infinite Design application 3.4.12 for Android sends a username and password via TCP without any encryption during login, as demonstrated by sniffing of a public Wi-Fi network...
CVE-2019-10426
Jenkins Gem Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10347
Jenkins Mashup Portlets Plugin stored credentials unencrypted on the Jenkins master where they can be viewed by users with access to the master file system...
PT-2019-11750 · Jenkins · Jenkins Caliper Ci Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Caliper CI Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be accessed b...
PT-2019-11715 · Jenkins · Jenkins Twitter Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Twitter Plugin affected versions not specified Description: The issue concerns the storage of credentials in the Jenkins Twitter Plugin. Specifically, it stores credentials unencrypted in its global configuration file on the Jenkins...
CVE-2019-10281
Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003095
Jenkins Perfecto Mobile Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003075
Jenkins Audit to Database Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003054
Jenkins Jira Issue Updater Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-1003052
Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003064
Jenkins aws-device-farm Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
PT-2019-11698 · Jenkins · Jenkins Serena Sra Deploy Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Serena SRA Deploy Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, the...
PT-2019-11696 · Jenkins · Jenkins Kmap Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Kmap Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master. Users with Extended Read permission or access to the...