CloudBees Jenkins SQLPlus Script Runner Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An information disclosure...

CVE-2020-2312

CVE-2020-2312 concerns Jenkins SQLPlus Script Runner Plugin (versions 2.0.12 and earlier). The issue arises because the plugin prints the sqlplus command invocation to build logs without masking the password provided as a command line argument, enabling users with Item/Read permission to view the...

CVE-2020-2312

Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask a password provided as command line argument in build logs...

PT-2020-15542 · Jenkins · Jenkins Sqlplus Script Runner Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins SQLPlus Script Runner Plugin versions 2.0.12 and earlier Description: The issue concerns the Jenkins SQLPlus Script Runner Plugin, where a password provided as a command line argument is not masked in build logs. This allows users wit...