2 matches found
CVE-2022-45384
CVE-2022-45384 affects the Jenkins Reverse Proxy Auth Plugin. Versions 1.7.3 and earlier store the LDAP manager password unencrypted in the Jenkins controller’s global config.xml, enabling access by anyone with filesystem access to the controller. The vulnerability is triggered by plaintext stora...
CVE-2022-45384
Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...