Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-CG6Q-GP23-VWX8
HistoryMay 13, 2022 - 1:18 a.m.

Jenkins Crowd 2 Integration Plugin stored credentials in plain text

2022-05-1301:18:46
Google
osv.dev
3
jenkins
integration
plugin
credentials
vulnerability
crowd 2
local file system access

AI Score

6.4

Confidence

High

EPSS

0

Percentile

5.1%

JSON

An insufficiently protected credentials vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java, CrowdConfigurationService.java that allows attackers with local file system access to obtain the credentials used to connect to Crowd 2.

Related

cvelist 1
prion 1
nvd 1
github 1
cve 1
cvelist
cvelist
CVE-2018-1000423
2019-01-09 23:00:00
prion
prion
Design/Logic Flaw
2019-01-09 23:29:00
nvd
nvd
CVE-2018-1000423
2019-01-09 23:29:02
github
github
Jenkins Crowd 2 Integration Plugin stored credentials in plain text
2022-05-13 01:18:46
cve
cve
CVE-2018-1000423
2019-01-09 23:29:02

AI Score

6.4

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for OSV:GHSA-CG6Q-GP23-VWX8
cvelist1prion1nvd1github1cve1