CVE-2018-1999040
published 2018-08-01CVE-2018-1999040: An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to…
high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | accurev_plugin | — | — |
| jenkins | agiletestware_pangolin_connector_for_testrail_plugin | — | — |
| jenkins | anchore_container_image_scanner_plugin | — | — |
| jenkins | confluence_publisher_plugin | — | — |
| jenkins | credentials_plugin | — | — |
| jenkins | inedo_buildmaster_plugin | — | — |
| jenkins | inedo_proget_plugin | — | — |
| jenkins | kubernetes | <= 1.10.1 | — |
| jenkins | kubernetes_plugin | — | — |
| jenkins | publish_over_cifs_plugin | — | — |
| jenkins | read_access_to_jenkins_to_override_the_plugin | — | — |
| jenkins | resource_disposer_plugin | — | — |
| jenkins | saltstack_plugin | — | — |
| jenkins | shelve_project_plugin | — | — |
| jenkins | ssh_agent_plugin | — | — |
| jenkins | tinfoil_security_plugin | — | — |
| jenkins | tracetronic_ecu-test_plugin | — | — |