Lucene search
K

369 matches found

Prion
Prion
added 2020/09/16 2:15 p.m.14 views

Design/Logic Flaw

Jenkins ElasTest Plugin 1.2.1 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

2.1CVSS5.5AI score0.00259EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/16 1:20 p.m.25 views

CVE-2020-2274

Jenkins ElasTest Plugin 1.2.1 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

5.5AI score0.00259EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/09/16 12:0 a.m.8 views

PT-2020-15493 · Jenkins · Jenkins Mongodb Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins MongoDB Plugin versions 1.3 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller. This issue arises because the plug...

8.8CVSS8.7AI score0.00691EPSS
Exploits0References7
Cvelist
Cvelist
added 2020/09/01 1:50 p.m.26 views

CVE-2020-2239

Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

4.5AI score0.00524EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2020/09/01 1:50 p.m.31 views

CVE-2020-2239

Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

4.3CVSS4.7AI score0.00524EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/03/09 12:0 a.m.12 views

PT-2020-15371 · Jenkins +1 · Jenkins Zephyr For Jira Test Management Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Zephyr for JIRA Test Management Plugin versions 1.5 and earlier Description: The issue concerns the storage of credentials in plain text in a global configuration file on the Jenkins master file system. Specifically, the Zephyr for JI...

5.5CVSS5.3AI score0.00273EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2019/09/25 12:0 a.m.7 views

PT-2019-11813 · Vmware +2 · Vfabric Application Director Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins vFabric Application Director Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file of the Jenkins master. Specifically, the...

5.5CVSS5.3AI score0.00321EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.3 views

PT-2019-11350 · Jenkins · Jenkins Official Owasp Zap Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Official OWASP ZAP Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file of the Jenkins Official OWASP ZAP Plugin. Specifically,...

8.8CVSS8.4AI score0.01365EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.4 views

PT-2019-11354 · Jenkins · Jenkins Aws-Device-Farm Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins aws-device-farm Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file of the Jenkins aws-device-farm Plugin. Specifically,...

8.8CVSS8.4AI score0.01365EPSS
Exploits0References7
Rows per page
Query Builder