1. Home
  2. Vulnerabilities
  3. CVE-2019-1003074

CVE-2019-1003074

CVSS v3.1 8.8 (High)
88% Progress
CVSS v2.0 4 (Medium)
40% Progress
EPSS 0.24 % (65th)
0.24% Progress
Affected Products 1
Advisories 2
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Graph Web & Social Timeline

Jenkins Hyper.sh Commons Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

Weaknesses
CWE-311
Missing Encryption of Sensitive Data
CVE Status
PUBLISHED
CNA
Jenkins Project
Published Date
2019-04-04 16:29:01
(5 years ago)
Updated Date
2023-10-25 18:16:05
(10 months ago)

Affected Products

Jenkins

Configuration #1

    CPE23 From Up To
  Jenkins Hyper.sh Commons for Jenkins cpe:2.3:a:jenkins:hyper.sh_commons:-:*:*:*:*:jenkins