Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.
References
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: jenkins

Published: 2020-02-12T14:35:49

Updated: 2023-10-24T16:05:31.899Z

Reserved: 2019-12-05T00:00:00


Link: CVE-2020-2132

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2020-02-12T15:15:14.570

Modified: 2023-10-25T18:16:31.380


Link: CVE-2020-2132

JSON object: View

cve-icon Redhat Information

No data.

CWE