Lucene search
K

5 matches found

OSV
OSV
added 2022/05/13 1:18 a.m.18 views

GHSA-3CCQ-GCCX-PM7J Jenkins SonarQube Scanner Plugin stored server authentication token in plain text

An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java that allows attackers with local file system access to obtain the credentials used to connect to SonarQube...

7.8CVSS7.4AI score0.00344EPSS
Exploits0References3
CNVD
CNVD
added 2019/01/11 12:0 a.m.2 views

CloudBees Jenkins SonarQube Scanner Plugin Authentication Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. It is mainly used to monitor continuous software release/testing projects and some timed tasks.SonarQube Scanner Plugin is a plugin used in the scanning and checking the qualit...

7.8CVSS7.2AI score0.00344EPSS
Exploits0References1
OSV
OSV
added 2019/01/09 11:29 p.m.14 views

CVE-2018-1000425

An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java that allows attackers with local file system access to obtain the credentials used to connect to SonarQube...

7.8CVSS6.4AI score
Exploits0References2
Prion
Prion
added 2019/01/09 11:29 p.m.13 views

Design/Logic Flaw

An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java that allows attackers with local file system access to obtain the credentials used to connect to SonarQube...

2.1CVSS7.3AI score0.00344EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/01/09 11:0 p.m.51 views

CVE-2018-1000425

The CVE concerns the Jenkins SonarQube Scanner Plugin (up to version 2.8) where credentials used to connect to SonarQube are stored in plaintext in SonarInstallation.java. This insufficient protection allows an attacker with local filesystem access to extract the server authentication credentials...

7.8CVSS7.3AI score0.00344EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder