We found results for “”
CVE-2019-1003088
Date: April 4, 2019
Jenkins Fabric Beta Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
Language: Java
Severity Score
Severity Score
Weakness Type (CWE)
Missing Encryption of Sensitive Data
CWE-311CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | NETWORK |
Access Complexity (AC): | LOW |
Authentication (AU): | SINGLE |
Confidentiality (C): | PARTIAL |
Integrity (I): | NONE |
Availability (A): | NONE |
Additional information: |