4 matches found
PT-2025-28907 · Jenkins · Jenkins Statistics Gatherer Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Statistics Gatherer Plugin versions 2.0.3 and earlier Description: The Jenkins Statistics Gatherer Plugin does not mask the AWS Secret Key on the global configuration form and stores it unencrypted in the...
CVE-2020-2239
Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...
CVE-2024-23942 MB connect line: Configuration File on the client workstation is not encrypted
A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal which leads to a DoS...
Multiple Products DVR Configuration Disclosure (CVE-2013-1391)
A configuration disclosure vulnerability has been reported in the DVR web server of multiple vendors which allows authentication bypass. A remote attacker could get the unencrypted configuration file by requesting the "/DVR.cfg" without entering credentials. Successful exploitation of this...