Jenkins WebSphere Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
Published: 2019-04-04
Description
Jenkins WebSphere Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
AI Intelligence Brief
AI Intelligence
Analyzing vulnerability vectors…
🛡️CVE Intelligence Platform
Welcome to THREATQUARTERS
Your command center for real-time vulnerability intelligence — built for security professionals who need answers fast.
Search 200,000+ CVEs by ID, keyword, or technology
Instant CVSS scores, severity ratings and exploit / PoC links