Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2022/05/13 1:48 a.m.17 views

Jenkins z/OS Connector Plugin allows local attacker to retrieve configured password

A exposure of sensitive information vulnerability exists in Jenkins z/OS Connector Plugin 1.2.6.1 and earlier in SCLMSCM.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser e.g. malicious extension to retrieve the configured password. IBM...

7.2CVSS3.5AI score0.01012EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/06/26 5:29 p.m.9 views

CVE-2018-1000608

A exposure of sensitive information vulnerability exists in Jenkins z/OS Connector Plugin 1.2.6.1 and earlier in SCLMSCM.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser e.g. malicious extension to retrieve the configured password...

7.2CVSS6.8AI score0.01012EPSS
Exploits0References1
OSV
OSV
added 2018/06/26 5:29 p.m.11 views

CVE-2018-1000608

A exposure of sensitive information vulnerability exists in Jenkins z/OS Connector Plugin 1.2.6.1 and earlier in SCLMSCM.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser e.g. malicious extension to retrieve the configured password...

7.2CVSS6.8AI score
Exploits0References1
CVE
CVE
added 2018/06/26 5:0 p.m.54 views

CVE-2018-1000608

The CVE-2018-1000608 affects Jenkins z/OS Connector Plugin (versions up to 1.2.6.1). The vulnerability resides in SCLMSCM.java where passwords could be exposed, allowing an attacker with local file-system access or a compromised Jenkins admin browser (e.g., malicious extension) to retrieve the co...

7.2CVSS6.7AI score0.01012EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder