Lucene search
+L

4 matches found

github
github
added 2022/05/13 1:48 a.m.17 views

Jenkins z/OS Connector Plugin allows local attacker to retrieve configured password

A exposure of sensitive information vulnerability exists in Jenkins z/OS Connector Plugin 1.2.6.1 and earlier in SCLMSCM.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser e.g. malicious extension to retrieve the configured password. IBM...

7.2CVSS3.5AI score0.01012EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2018/06/26 5:29 p.m.9 views

CVE-2018-1000608

A exposure of sensitive information vulnerability exists in Jenkins z/OS Connector Plugin 1.2.6.1 and earlier in SCLMSCM.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser e.g. malicious extension to retrieve the configured password...

7.2CVSS6.8AI score0.01012EPSS
Exploits0References1
osv
osv
added 2018/06/26 5:29 p.m.11 views

CVE-2018-1000608

A exposure of sensitive information vulnerability exists in Jenkins z/OS Connector Plugin 1.2.6.1 and earlier in SCLMSCM.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser e.g. malicious extension to retrieve the configured password...

7.2CVSS6.8AI score
Exploits0References1
cve
cve
added 2018/06/26 5:0 p.m.54 views

CVE-2018-1000608

The CVE-2018-1000608 affects Jenkins z/OS Connector Plugin (versions up to 1.2.6.1). The vulnerability resides in SCLMSCM.java where passwords could be exposed, allowing an attacker with local file-system access or a compromised Jenkins admin browser (e.g., malicious extension) to retrieve the co...

7.2CVSS6.7AI score0.01012EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder