Jenkins Serena SRA Deploy Plugin stores credentials unencrypted in its global configuration file com.urbancode.ds.jenkins.plugins.serenarapublisher.UrbanDeployPublisher.xml
on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system.