4
CVSSv2

CVE-2018-1000109

Published: 13/03/2018 Updated: 03/10/2019
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

An improper authorization vulnerability exists in Jenkins Google Play Android Publisher Plugin version 1.6 and previous versions in GooglePlayBuildStepDescriptor.java that allow an malicious user to obtain credential IDs.

Affected Products

Vendor Product Versions
JenkinsGoogle-play-android-publisher1.6