We found results for “”
CVE-2019-10415
Good to know:
Date: September 25, 2019
Jenkins Violation Comments to GitLab Plugin 2.28 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
Language: Java
Severity Score
Severity Score
Weakness Type (CWE)
Top Fix
Upgrade Version
Upgrade to version org.jenkins-ci.plugins:violation-comments-to-gitlab:2.30
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | NETWORK |
Access Complexity (AC): | LOW |
Authentication (AU): | SINGLE |
Confidentiality (C): | PARTIAL |
Integrity (I): | NONE |
Availability (A): | NONE |
Additional information: |