Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Github Security Blog
Github Security Blogadded 2022/05/17 2:25 a.m.29 views

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins

The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINSHOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins now deletes the...

9.8CVSS1.6AI score0.01234EPSS
Exploits0References5Affected Software1
CNVD
CNVDadded 2017/09/22 12:0 a.m.2 views

CloudBees Jenkins re-key admin monitor information disclosure vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. It is mainly used to monitor continuous software releases/testing projects and a number of timed tasks. re-key admin monitor is one of the re-key admin monitor. The re-key admi...

9.8CVSS6.9AI score0.01234EPSS
Exploits0References1
CVE
CVEadded 2017/07/13 8:0 p.m.81 views

CVE-2017-1000362

The vulnerability CVE-2017-1000362 affects Jenkins (re-key admin monitor). In Jenkins 1.498, secrets were re-encrypted with a new key and a backup directory at JENKINS_HOME/jenkins.security.RekeySecretAdminMonitor/backups was created containing the old, unremoved secrets; these backups were world...

9.8CVSS7.2AI score0.01234EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder