CVE-2025-31724

Jenkins Cadence vManager Plugin 4.0.0-282.v5096ac2db275 and earlier stores Verisium Manager vAPI keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

PT-2025-14514 · Jenkins · Jenkins Cadence Vmanager Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Cadence vManager Plugin versions 4.0.0-282.v5096a c2db 275 and earlier Description: The issue concerns the storage of Verisium Manager vAPI keys in an unencrypted form within job config.xml files on the Jenkins controller. These keys...