Lucene search
K

408 matches found

Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.11 views

PT-2019-11696 · Jenkins · Jenkins Kmap Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Kmap Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master. Users with Extended Read permission or access to the...

8.8CVSS8.5AI score0.01773EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.5 views

PT-2019-11685 · Jenkins · Jenkins Mabl Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins mabl Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be accessed by user...

8.8CVSS8.5AI score0.01773EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.5 views

PT-2019-11358 · Vmware +1 · Vrealize Automation Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins VMware vRealize Automation Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials c...

8.8CVSS8.5AI score0.01365EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.4 views

PT-2019-11386 · Jenkins · Jenkins Testfairy Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins TestFairy Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master. This allows users with Extended Read permission or...

6.5CVSS6.3AI score0.01676EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/03/28 12:0 a.m.6 views

PT-2019-11335 · Jenkins · Jenkins Ecs Publisher Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins ECS Publisher Plugin versions 1.0.0 and earlier Description: A vulnerability in the plugin allows attackers with Item/Extended Read permission, or local file system access to the Jenkins home directory to obtain the API token configur...

6.5CVSS6.2AI score0.01613EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2016/06/06 7:6 p.m.5 views

jenkins: Encrypted secrets (e.g. passwords) were leaked to users with permission to read configuration (SECURITY-266)

Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration...

6.5CVSS5.8AI score0.02185EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/06/06 7:6 p.m.7 views

jenkins: Granting the permission to read node configurations allows access to overall system configuration (SECURITY-281)

The API URL computer/master/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors...

4.3CVSS5.9AI score0.02308EPSS
Exploits0References5
CNVD
CNVD
added 2016/05/13 12:0 a.m.4 views

CloudBees Jenkins CI and Jenkins LTS Information Disclosure Vulnerability (CNVD-2016-03162)

CloudBees Jenkins CI formerly known as Hudson Labs is a Java-based continuous integration tool from CloudBees, Inc. It is mainly used to monitor ongoing software releases/testing projects and a number of timed tasks.LTS Long-Term Support is a long-supported version of CloudBees Jenkins CI is a...

4.3CVSS8.5AI score0.02308EPSS
Exploits0References1
Rows per page
Query Builder