CVEbuzz logo
This website displays data collected from external sources, and is not responsible for any aspect of it. Read more...

Security / vulnerability advisories for Jenkins CloudCoreo DeployTime for Jenkins

Titles listed in dictionary

CPE for product: cpe:2.3:a:jenkins:cloudcoreo_deploytime:-:*:*:*:*:jenkins:*:*

Showing 1-1 of 1
Maximal damage 8.8
Easy to exploit
(other affected products) Published: Thu Apr 4 16:29:00 2019 UTC. Last Modified: Fri Oct 2 14:44:00 2020 UTC
CPE matches: cpe:2.3:a:jenkins:cloudcoreo_deploytime:*:*:*:*:*:jenkins:*:*

Description

Jenkins CloudCoreo DeployTime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

Damage

Attack conditions

Damage and attack conditions obtained from CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (CVSSv3)

Type of bug(s)

References