CloudBees Jenkins (Hudson Labs) is a Java-based continuous integration tool developed by CloudBees, Inc. An information disclosure vulnerability exists in CloudBees Jenkins Nomad Plugin 0.7.4 and prior versions. The vulnerability is caused by the program storing unencrypted Docker passwords in the global config.xml file on the Jenkins controller. An attacker could use this vulnerability to view this password information.
CPE | Name | Operator | Version |
---|---|---|---|
cloudbees jenkins nomad plugin <= | eq | 0.7.4 |