3 matches found
CVE-2020-2128
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...
CloudBees Jenkins ECX Copy Data Management Plugin Information Disclosure Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A security vulnerability exis...
CVE-2020-2128
CVE-2020-2128 affects the Jenkins ECX Copy Data Management Plugin (versions ≤ 1.9). The root cause is passwords stored unencrypted in job config.xml on the Jenkins master. This allows disclosure to users with Extended Read permissions or to anyone with master filesystem access. The provided docum...