CVE-2018-1000109

CVSS v3.0 4.3 (Medium)

CVSS v2.0 4 (Medium)

EPSS 0.05 % (22^th)

Affected Products 1

Advisories 1

An improper authorization vulnerability exists in Jenkins Google Play Android Publisher Plugin version 1.6 and earlier in GooglePlayBuildStepDescriptor.java that allow an attacker to obtain credential IDs.

Weaknesses

CWE-863: Incorrect Authorization

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2018-03-13 13:29:00
(6 years ago)
Updated Date: 2019-10-03 00:03:26
(5 years ago)

Affected Products

Jenkins

Google-play-android-publisher

Configuration #1

		CPE23	From	Up To
	Jenkins Google-play-android-publisher for Jenkins 1.6 and prior versions	cpe:2.3:a:jenkins:google-play-android-publisher::::::jenkins		<= 1.6