4 matches found
The vulnerability of the Nouvola DiveCloud plugin for Jenkins’ automation server, related to the storage of keys in an unencrypted form, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Nouvola DiveCloud plugin for Jenkins-based automation servers lies in the storage of keys in an unencrypted form within the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...
CVE-2025-31724
Jenkins Cadence vManager Plugin 4.0.0-282.v5096ac2db275 and earlier stores Verisium Manager vAPI keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...
CVE-2022-34803
Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file and in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission config.xml, or access to the Jenkins controller file system...
CVE-2020-26816
SAP AS JAVA Key Storage Service, versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. This enables an attacker who has administrator access ...