Lucene search
K

4 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/16 12:0 a.m.5 views

The vulnerability of the Nouvola DiveCloud plugin for Jenkins’ automation server, related to the storage of keys in an unencrypted form, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Nouvola DiveCloud plugin for Jenkins-based automation servers lies in the storage of keys in an unencrypted form within the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...

6.8CVSS5.4AI score0.00175EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/02 2:59 p.m.13 views

CVE-2025-31724

Jenkins Cadence vManager Plugin 4.0.0-282.v5096ac2db275 and earlier stores Verisium Manager vAPI keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

7AI score0.0029EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/30 6:15 p.m.3 views

CVE-2022-34803

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file and in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission config.xml, or access to the Jenkins controller file system...

4.3CVSS5.9AI score0.00557EPSS
Exploits0References2
OSV
OSV
added 2020/12/09 5:15 p.m.3 views

CVE-2020-26816

SAP AS JAVA Key Storage Service, versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. This enables an attacker who has administrator access ...

4.5CVSS6.3AI score0.00167EPSS
Exploits0References2
Rows per page
Query Builder