1. Home
  2. Vulnerabilities
  3. CVE-2014-2061

CVE-2014-2061

CVSS v2.0 5 (Medium)
50% Progress
EPSS 0.22 % (60th)
0.22% Progress
Affected Products 1
Advisories 1
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

The input control in PasswordParameterDefinition in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to obtain passwords by reading the HTML source code, related to the default value.

Weaknesses
CWE-310
Cryptographic Issues
CVE Status
PUBLISHED
CNA
Debian GNU/Linux
Published Date
2014-10-17 15:55:05
(10 years ago)
Updated Date
2016-06-13 23:35:32
(8 years ago)

Affected Products

Jenkins

Configuration #1

    CPE23 From Up To
  Jenkins 1.532.1 and prior versions cpe:2.3:a:jenkins:jenkins::*:*:*:lts <= 1.532.1

Configuration #2

    CPE23 From Up To
  Jenkins 1.550 and prior versions cpe:2.3:a:jenkins:jenkins <= 1.550