Lucene search
China National Vulnerability DatabaseCNVD-2022-79872HistoryMar 17, 2022 - 12:00 a.m.
Jenkins incapptic connect uploader Plugin has an unspecified vulnerability
2022-03-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
jenkins
incapptic connect
uploader
plugin
vulnerability
unspecified
tokens
configuration file
security
read access
file system
exploit
cnvd
EPSS
0.001
Percentile
22.0%
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. jenkins Plugin is an application. jenkins incapptic connect uploader Plugin originally had a security vulnerability that stemmed from the plugin storing unencrypted tokens in the An attacker with extended read access or access to the Jenkins controller file system could exploit this vulnerability to view the configuration file and unencrypted tokens.
Related
prion
prion
Design/Logic Flaw
2022-03-15 17:15:00
cve
cve
CVE-2022-27218
2022-03-15 17:15:12
nvd
nvd
CVE-2022-27218
2022-03-15 17:15:12
osv
osv
Personal tokens stored in plain text by Jenkins incapptic connect uploader Plugin
2022-03-16 00:00:42
CVE-2022-27218
2022-03-15 17:15:12
cvelist
cvelist
CVE-2022-27218
2022-03-15 16:46:12
github
github
