4 matches found
CVE-2020-2164
Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system...
CVE-2020-2164
Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system...
CVE-2020-2164
Affected software: Jenkins Artifactory Plugin 3.5.0 and earlier. Root cause: Artifactory server password stored in plaintext in the plugin’s global configuration (e.g., org.jfrog.hudson.ArtifactoryBuilder.xml) on the Jenkins master/controller file system. Impact: password exposure to users with a...
CVE-2020-2164
Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system...