Описание
Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.
EPSS
Процентиль: 9%
0.00036
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-256
Связанные уязвимости
CVSS3: 4.3
github
2 месяца назад
Jenkins Warrior Framework Plugin vulnerability exposes unencrypted passwords to certain authenticated users
EPSS
Процентиль: 9%
0.00036
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-256