Lucene search
JenkinsCVELIST:CVE-2024-34147HistoryMay 02, 2024 - 1:28 p.m.
CVE-2024-34147
2024-05-0213:28:05
jenkins
www.cve.org
6
jenkins
telegram bot plugin
unencrypted storage
global configuration file
security vulnerability
Jenkins Telegram Bot Plugin 1.4.0 and earlier stores the Telegram Bot token unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
CNA Affected
[
{
"vendor": "Jenkins Project",
"product": "Jenkins Telegram Bot Plugin",
"versions": [
{
"version": "0",
"versionType": "maven",
"lessThanOrEqual": "1.4.0",
"status": "affected"
}
],
"defaultStatus": "unknown"
}
]Related
osv
osv
Jenkins Telegram Bot Plugin stores the Telegram Bot token in plaintext
2024-05-02 15:30:35
nvd
nvd
CVE-2024-34147
2024-05-02 14:15:10
vulnrichment
vulnrichment
CVE-2024-34147
2024-05-02 13:28:05
github
github
Jenkins Telegram Bot Plugin stores the Telegram Bot token in plaintext
2024-05-02 15:30:35
cve
cve
CVE-2024-34147
2024-05-02 14:15:10
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-05-02)
2024-05-02 00:00:00