Описание
Jenkins's build authorization token is stored and displayed in plain text
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
Пакеты
org.jenkins-ci.main:jenkins-core
>= 2.529, < 2.541
2.541
org.jenkins-ci.main:jenkins-core
< 2.528.3
2.528.3
Связанные уязвимости
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
Уязвимость сервера автоматизации Jenkins, связанная с хранением информации в открытом виде, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
