1. Home
  2. Vulnerabilities
  3. CVE-2021-21612

CVE-2021-21612

CVSS v3.1 5.5 (Medium)
55% Progress
CVSS v2.0 2.1 (Low)
21% Progress
EPSS 0.04 % (13th)
0.04% Progress
Affected Products 1
Advisories 3
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.

Weaknesses
CWE-522
Insufficiently Protected Credentials
CVE Status
PUBLISHED
CNA
Jenkins Project
Published Date
2021-01-13 16:15:14
(3 years ago)
Updated Date
2023-10-25 18:16:45
(10 months ago)

Affected Products

Jenkins

Configuration #1

    CPE23 From Up To
  Jenkins Tracetronic Ecu-test for Jenkins 2.23.1 and prior versions cpe:2.3:a:jenkins:tracetronic_ecu-test::*:*:*:*:jenkins <= 2.23.1