3 matches found
CVE-2019-10449
Jenkins Fortify on Demand Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10449
Jenkins Fortify on Demand Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10449
CVE-2019-10449 affects Jenkins Fortify on Demand Plugin, where credentials are stored in plaintext in the Jenkins master’s job config.xml. This allows users with Extended Read permission or those with access to the master filesystem to view sensitive credentials. The vulnerability is documented a...