CVE-2019-1010241
published 2019-07-19CVE-2019-1010241: Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line #30 (passwordVariable). The attack vector is: Attacker creates and executes a Jenkins job.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | credentials_binding | — | — |
| jenkins_credentials_binding_plugin | jenkins | — | — |