Required CVE Record Information
Description
Jenkins Eagle Tester Plugin 1.0.9 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system.
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 2 Total
- https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1552 x_transferred
- openwall.com: [oss-security] 20200212 Multiple vulnerabilities in Jenkins plugins mailing-listx_transferred