An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them.
References
Link | Resource |
---|---|
https://jenkins.io/security/advisory/2018-03-26/#SECURITY-373 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:21:59
Updated: 2022-10-03T16:21:59
Reserved: 2022-10-03T00:00:00
Link: CVE-2018-1000145
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-04-05T13:29:00.417
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-1000145
JSON object: View
Redhat Information
No data.
CWE