GHSA-PH9F-H462-J5JG Jenkins Diawi Upload Plugin stores credentials in plain text

Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

Jenkins Diawi Upload Plugin stores credentials in plain text

Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

CloudBees Jenkins Diawi Upload Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based development of the United States CloudBees continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Diawi Upload Plugin is used in one of the plug-in for...

CVE-2019-10284

Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

Design/Logic Flaw

Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10284

CVE-2019-10284 affects the Jenkins Diawi Upload Plugin. The vulnerability is the storage of credentials in plain text within job config.xml files on the Jenkins master/controller, enabling exposure to users with Extended Read permissions or with access to the master filesystem. The connected docu...

CVE-2019-10284

Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10284

Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

PT-2019-11686 · Jenkins · Jenkins Diawi Upload Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Diawi Upload Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be accessed...