Lucene search
K

12 matches found

OSV
OSV
added 2022/05/24 5:39 p.m.28 views

GHSA-QVJR-X8FW-HGHV Credentials stored in plain text by Jenkins TraceTronic ECU-TEST Plugin

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file de.tracetronic.jenkins.plugins.ecutest.report.atx.installation.ATXInstallation.xml on the Jenkins controller as part of its configuration. These credentials can be viewed by user...

5.5CVSS5.6AI score0.00334EPSS
Exploits0References3
CNVD
CNVD
added 2021/01/14 12:0 a.m.4 views

Cloudbees Jenkins TraceTronic ECU-TEST Plugin Information Disclosure Vulnerability

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . An information disclosure...

5.5CVSS6.3AI score0.00334EPSS
Exploits0References1
NVD
NVD
added 2021/01/13 4:15 p.m.20 views

CVE-2021-21612

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

5.5CVSS5.4AI score0.00334EPSS
Exploits0References1
OSV
OSV
added 2021/01/13 4:15 p.m.19 views

CVE-2021-21612

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

5.5CVSS6.6AI score
Exploits0References1
Cvelist
Cvelist
added 2021/01/13 3:55 p.m.35 views

CVE-2021-21612

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

6AI score0.00334EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2021/01/13 3:55 p.m.35 views

CVE-2021-21612

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

5.5CVSS5.8AI score0.00334EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/01/13 12:0 a.m.7 views

PT-2021-14655 · Jenkins · Jenkins Tracetronic Ecu-Test Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins TraceTronic ECU-TEST Plugin versions 2.23.1 and earlier Description: The issue allows credentials to be stored unencrypted in the global configuration file on the Jenkins controller, making them accessible to users with access to the...

5.5CVSS5.2AI score0.00334EPSS
Exploits0References6
CNVD
CNVD
added 2018/08/08 12:0 a.m.2 views

CloudBees Jenkins TraceTronic ECU-TEST Plugin SSL/TLS Certificate Validation Vulnerability

CloudBees Jenkins is a suite of Java-based continuous integration tools from CloudBees, Inc. that are used to monitor ongoing software releases/testing projects and some timed tasks.TraceTronic ECU-TEST Plugin is an automated testing software for embedded systems that uses... TraceTronic ECU-TEST...

7.4CVSS7.3AI score0.00856EPSS
Exploits0References1
CNVD
CNVD
added 2018/08/08 12:0 a.m.5 views

CloudBees Jenkins TraceTronic ECU-TEST Plugin Server-Side Request Forgery Vulnerability

CloudBees Jenkins is a suite of Java-based continuous integration tools from CloudBees, Inc. that are used to monitor ongoing software releases/testing projects and some timed tasks.TraceTronic ECU-TEST Plugin is an automated test software for embedded systems that uses... TraceTronic ECU-TEST...

6.5CVSS6.5AI score0.00862EPSS
Exploits0References1
NVD
NVD
added 2018/08/01 1:29 p.m.22 views

CVE-2018-1999026

A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host...

6.5CVSS6.5AI score0.00862EPSS
Exploits0References2
OSV
OSV
added 2018/08/01 1:29 p.m.20 views

CVE-2018-1999026

A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host...

6.5CVSS6.7AI score
Exploits0References2
Cvelist
Cvelist
added 2018/08/01 1:0 p.m.17 views

CVE-2018-1999026

A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host...

6.4AI score0.00862EPSS
Exploits0References2
Rows per page
Query Builder