[MAVEN:GHSA-65RJ-CGRP-G65W] Jenkins IBM AppScan Plugin showed plain text password in job configuration form fields
Severity
Moderate
Affected Packages
1
Fixed Packages
1
CVEs
1
Jenkins IBM Application Security on Cloud Plugin 1.2.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure. This plugin has bee deprecated.
Package | Affected Version |
---|---|
pkg:maven/com.hcl.security/ibm-application-security | <= 1.2.4 |
Package | Fixed Version |
---|---|
pkg:maven/com.hcl.security/ibm-application-security | = 1.2.5 |
- ID
- MAVEN:GHSA-65RJ-CGRP-G65W
- Severity
- moderate
- URL
- https://github.com/advisories/GHSA-65rj-cgrp-g65w
- Published
-
2022-05-24T16:55:01
(2 years ago) - Modified
-
2024-01-30T21:20:07
(7 months ago) - Rights
- Maven Security Team
- Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:maven/com.hcl.security/ibm-application-security | com.hcl.security | ibm-application-security | <= 1.2.4 | |||
Fixed | pkg:maven/com.hcl.security/ibm-application-security | com.hcl.security | ibm-application-security | = 1.2.5 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |